CVE Vulnerabilities

CVE-2007-1437

Published: Mar 13, 2007 | Modified: Oct 16, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9 HIGH
AV:N/AC:L/Au:S/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Unspecified vulnerability in LedgerSMB before 1.1.5 and SQL-Ledger before 2.6.25 allows remote attackers to overwrite files and possibly bypass authentication, and remote authenticated users to execute unauthorized code, by calling a custom error function that returns from execution.

Affected Software

Name Vendor Start Version End Version
Ledgersmb Ledgersmb 1.0.0 (including) 1.0.0 (including)
Ledgersmb Ledgersmb 1.1.0 (including) 1.1.0 (including)
Ledgersmb Ledgersmb 1.1.1 (including) 1.1.1 (including)
Sql-ledger Sql-ledger * 2.6.24 (including)
Sql-ledger Ubuntu dapper *
Sql-ledger Ubuntu edgy *
Sql-ledger Ubuntu feisty *
Sql-ledger Ubuntu gutsy *
Sql-ledger Ubuntu upstream *

References