Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3340

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2011-3340
Last Modified 21 Nov 2011 10:58:27
Published 21 Oct 2011 06:55:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-3340

Summary

SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.

Vulnerable Systems

Application

  • Atcom Netvolution 2.5.6


References

BUGTRAQ - 20111003 Netvolution referer header SQL injection vulnerability

SECUNIA - 46255

MISC - http://census-labs.com/news/2011/10/03/netvolution-referer-SQLi/


Last Updated: 27 May 2016 10:57:42