CVE

Id
43022  
CVE No.
CVE-2010-0438  
Status
Candidate  
Description
Multiple SQL injection vulnerabilities in Kernel/System/Ticket.pm in OTRS-Core in Open Ticket Request System (OTRS) 2.1.x before 2.1.9, 2.2.x before 2.2.9, 2.3.x before 2.3.5, and 2.4.x before 2.4.7 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.  
Phase
Assigned (20100127)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
469245 43022 CVE-2010-0438 CONFIRM:http://otrs.org/advisory/OSA-2010-01-en/  View
469246 43022 CVE-2010-0438 CONFIRM:http://otrs.org/releases/2.4.7/  View
469247 43022 CVE-2010-0438 CONFIRM:http://source.otrs.org/viewvc.cgi/otrs/Kernel/System/Ticket.pm?view=log  View
469248 43022 CVE-2010-0438 CONFIRM:http://www.otrs.org/news/2010/otrs_2-4-7/  View
469249 43022 CVE-2010-0438 SUSE:SUSE-SR:2010:014  View
469250 43022 CVE-2010-0438 URL:http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html  View
469251 43022 CVE-2010-0438 BID:38146  View
469252 43022 CVE-2010-0438 URL:http://www.securityfocus.com/bid/38146  View
469253 43022 CVE-2010-0438 OSVDB:62181  View
469254 43022 CVE-2010-0438 URL:http://www.osvdb.org/62181  View
469255 43022 CVE-2010-0438 SECUNIA:38507  View
469256 43022 CVE-2010-0438 URL:http://secunia.com/advisories/38507  View
469257 43022 CVE-2010-0438 SECUNIA:38544  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
35730 JVNDB-2010-001510 PostgreSQL の bitsubstr 関数におけるサービス運用妨害 (DoS) の脆弱性 PostgreSQL の backend/utils/adt/varbit.c 内にある bitsubstr 関数には、第 3 引数が負の整数となっている際の処理に関して不備があるため、サービス運用妨害 (DoS) 状態となる、または詳細不明な影響を受ける脆弱性が存在します。 CVE-2010-0442 43022 6.5 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001510.html  View