Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6168


Vulnerability Score 7.5 7.5
CVE Id CVE-2007-6168
Last Modified 07 Mar 2011 10:02:04
Published 28 Nov 2007 08:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



SQL injection vulnerability in default.asp in VU Case Manager allows remote attackers to execute arbitrary SQL commands via the username parameter, a different vector than CVE-2007-6143. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Systems


  • Vu Case Manager


VUPEN - ADV-2007-3967

SECUNIA - 27779

BID - 26643

BUGTRAQ - 20071121 [Aria-Security.Net] VU Case Manager "Username/Password" SQL Injection

Last Updated: 27 May 2016 10:46:24