Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-3042


Vulnerability Score 7.5 7.5
CVE Id CVE-2009-3042
Last Modified 02 Sep 2009 12:00:00
Published 01 Sep 2009 02:30:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



SQL injection vulnerability in machine.php in Open Computer and Software (OCS) Inventory NG 1.02.1 allows remote attackers to execute arbitrary SQL commands via the systemid parameter, a different vector than CVE-2009-3040.

Vulnerable Systems


  • Ocsinventory-ng Ocs Inventory Ng 1.02.1


CONFIRM -,cntnt01,detail,0&cntnt01articleid=147&cntnt01returnid=15

BUGTRAQ - 20090811 Sql injection in OCS Inventory NG Server 1.2.1

MILW0RM - 9416

SECUNIA - 35311

Last Updated: 27 May 2016 10:51:06