RSS   Vulnerabilities for 'Colord'   RSS

2011-12-10
 
CVE-2011-4349

CWE-89
 

 
Multiple SQL injection vulnerabilities in (1) cd-mapping-db.c and (2) cd-device-db.c in colord before 0.1.15 allow local users to execute arbitrary SQL commands via vectors related to color devices and (a) device id, (b) property, or (c) profile id.

 

 >>> Vendor: Freedesktop 23 Products
Poppler
Xdg-utils
Policykit
DBUS
Dbus1.0
Dbus1.1.0
Scratchbox2
Udisks
Dbus-glib
Telepathy gabble
Colord
Systemd
Accountsservice
Libdbus
Spice-gtk
Polkit
Libbsd
Virglrenderer
Libpoppler
Libice
Gst-plugins-bad
Libinput
Freetype demo programs


Copyright 2024, cxsecurity.com

 

Back to Top