Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4460

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2011-4460
Last Modified 29 Oct 2012 11:57:56
Published 04 Jun 2012 03:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2011-4460

Summary

SQL injection vulnerability in Best Practical Solutions RT 2.x and 3.x before 3.8.12 and 4.x before 4.0.6 allows remote authenticated users to execute arbitrary SQL commands by leveraging access to a privileged account.

Vulnerable Systems

Application

  • Bestpractical Rt 2.0.0

  • Bestpractical Rt 2.0.1

  • Bestpractical Rt 2.0.11

  • Bestpractical Rt 2.0.12

  • Bestpractical Rt 2.0.13

  • Bestpractical Rt 2.0.14

  • Bestpractical Rt 2.0.15

  • Bestpractical Rt 2.0.2

  • Bestpractical Rt 2.0.3

  • Bestpractical Rt 2.0.4

  • Bestpractical Rt 2.0.5

  • Bestpractical Rt 2.0.5.1

  • Bestpractical Rt 2.0.5.3

  • Bestpractical Rt 2.0.6

  • Bestpractical Rt 2.0.7

  • Bestpractical Rt 2.0.8

  • Bestpractical Rt 2.0.8.2

  • Bestpractical Rt 2.0.9

  • Bestpractical Rt 3.0.0

  • Bestpractical Rt 3.0.1

  • Bestpractical Rt 3.0.10

  • Bestpractical Rt 3.0.11

  • Bestpractical Rt 3.0.12

  • Bestpractical Rt 3.0.2

  • Bestpractical Rt 3.0.3

  • Bestpractical Rt 3.0.4

  • Bestpractical Rt 3.0.5

  • Bestpractical Rt 3.0.6

  • Bestpractical Rt 3.0.7

  • Bestpractical Rt 3.0.7.1

  • Bestpractical Rt 3.0.8

  • Bestpractical Rt 3.0.9

  • Bestpractical Rt 3.1.10

  • Bestpractical Rt 3.1.11

  • Bestpractical Rt 3.1.12

  • Bestpractical Rt 3.1.13

  • Bestpractical Rt 3.1.14

  • Bestpractical Rt 3.1.15

  • Bestpractical Rt 3.1.16

  • Bestpractical Rt 3.1.17

  • Bestpractical Rt 3.1.2

  • Bestpractical Rt 3.1.3

  • Bestpractical Rt 3.1.4

  • Bestpractical Rt 3.1.5

  • Bestpractical Rt 3.1.6

  • Bestpractical Rt 3.1.7

  • Bestpractical Rt 3.1.8

  • Bestpractical Rt 3.2.0

  • Bestpractical Rt 3.2.1

  • Bestpractical Rt 3.2.2

  • Bestpractical Rt 3.2.3

  • Bestpractical Rt 3.4.0

  • Bestpractical Rt 3.4.1

  • Bestpractical Rt 3.4.2

  • Bestpractical Rt 3.4.3

  • Bestpractical Rt 3.4.4

  • Bestpractical Rt 3.4.5

  • Bestpractical Rt 3.4.6

  • Bestpractical Rt 3.4.7

  • Bestpractical Rt 3.5.1

  • Bestpractical Rt 3.5.2

  • Bestpractical Rt 3.5.3

  • Bestpractical Rt 3.5.4

  • Bestpractical Rt 3.5.5

  • Bestpractical Rt 3.5.6

  • Bestpractical Rt 3.5.7

  • Bestpractical Rt 3.6.0

  • Bestpractical Rt 3.6.1

  • Bestpractical Rt 3.6.10

  • Bestpractical Rt 3.6.2

  • Bestpractical Rt 3.6.3

  • Bestpractical Rt 3.6.4

  • Bestpractical Rt 3.6.5

  • Bestpractical Rt 3.6.6

  • Bestpractical Rt 3.6.7

  • Bestpractical Rt 3.6.8

  • Bestpractical Rt 3.6.9

  • Bestpractical Rt 3.7.1

  • Bestpractical Rt 3.7.5

  • Bestpractical Rt 3.7.80

  • Bestpractical Rt 3.7.85

  • Bestpractical Rt 3.7.86

  • Bestpractical Rt 3.8.0

  • Bestpractical Rt 3.8.1

  • Bestpractical Rt 3.8.10

  • Bestpractical Rt 3.8.11

  • Bestpractical Rt 3.8.2

  • Bestpractical Rt 3.8.3

  • Bestpractical Rt 3.8.4

  • Bestpractical Rt 3.8.5

  • Bestpractical Rt 3.8.6

  • Bestpractical Rt 3.8.7

  • Bestpractical Rt 3.8.8

  • Bestpractical Rt 3.8.9

  • Bestpractical Rt 4.0.0

  • Bestpractical Rt 4.0.1

  • Bestpractical Rt 4.0.2

  • Bestpractical Rt 4.0.3

  • Bestpractical Rt 4.0.4

  • Bestpractical Rt 4.0.5


References

MLIST - [rt-announce] 20120522 RT 4.0.6 Released - Security Release

MLIST - [rt-announce] 20120522 RT 3.8.12 Released - Security Release

MLIST - [rt-announce] 20120522 Security vulnerabilities in RT

OSVDB - 82136

BID - 53660

SECUNIA - 49259

XF - rt-unspecified-sql-injection(75824)


Last Updated: 27 May 2016 10:49:36