Allround Automations PL/SQL Developer 11 prior to 11.0.6 relies on unverified HTTP data for updates, which allows man-in-the-middle malicious users to execute arbitrary code by modifying fields in the client-server data stream.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
allroundautomations pl\\/sql developer 11.0.5 |
||
allroundautomations pl\\/sql developer 11.0.3 |
||
allroundautomations pl\\/sql developer 11.0.2 |
||
allroundautomations pl\\/sql developer 11.0.1 |
||
allroundautomations pl\\/sql developer 11.0 |
||
allroundautomations pl\\/sql developer 11.0.4 |