Vulnerability CVE-2002-0709


Published: 2002-10-10   Modified: 2012-02-12

Description:
SQL injection vulnerabilities in the Web Reports Server for SurfControl SuperScout WebFilter allow remote attackers to execute arbitrary SQL queries via the RunReport option to SimpleBar.dll, and possibly other DLLs.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Surfcontrol -> Superscout web filter 
Surfcontrol -> Web filter 

 References:
http://marc.info/?l=bugtraq&m=103359690824103&w=2
http://www.iss.net/security_center/static/10245.php
http://www.securityfocus.com/bid/5859

Copyright 2024, cxsecurity.com

 

Back to Top