The embedded HSQLDB in ParosProxy prior to 3.2.7, when running with JDK 1.4.2 prior to 1.4.2_08, allows local users to execute arbitrary comands via crafted SQL commands that interact with HSQLDB through JDBC, a similar vulnerability to CVE-2003-0845.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
parosproxy parosproxy 3.2.1 |
||
parosproxy parosproxy 3.2.2 |
||
parosproxy parosproxy 3.2.3 |
||
parosproxy parosproxy 3.2.4 |
||
parosproxy parosproxy 3.2.0 |
||
parosproxy parosproxy 3.2.5 |
||
parosproxy parosproxy 3.2.6 |