Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 13/03/2007 Updated: 16/10/2018

CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8

VMScore: 801

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Unspecified vulnerability in LedgerSMB prior to 1.1.5 and SQL-Ledger prior to 2.6.25 allows remote malicious users to overwrite files and possibly bypass authentication, and remote authenticated users to execute unauthorized code, by calling a custom error function that returns from execution.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ledgersmb ledgersmb 1.0.0
sql-ledger sql-ledger
ledgersmb ledgersmb 1.1.0
ledgersmb ledgersmb 1.1.1

NVD-CWE-Other http://secunia.com/advisories/24363 http://secunia.com/advisories/24366 http://securityreason.com/securityalert/2435 http://www.securityfocus.com/archive/1/461944/100/100/threaded https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-1437

Vulnerability Summary

References

Vulmon Search

About

Products

Connect