Vulnerability CVE-2011-4349

Vulnerability CVE-2011-4349

Published: 2011-12-10 Modified: 2012-02-13

Description:

Type:

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.6/10	6.4/10	3.9/10

Affected software
Freedesktop -> Colord

https://bugs.freedesktop.org/show_bug.cgi?id=42904

https://bugzilla.redhat.com/show_bug.cgi?id=757171

http://www.securityfocus.com/bid/50814

http://www.openwall.com/lists/oss-security/2011/11/25/4

http://www.openwall.com/lists/oss-security/2011/11/25/3

http://secunia.com/advisories/47160

http://secunia.com/advisories/46940

http://lists.fedoraproject.org/pipermail/package-announce/2011-December/070518.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-December/070450.html

http://gitorious.org/colord/master/commit/36549e0ed255e7dfa7852d08a75dd5f00cbd270e

http://gitorious.org/colord/master/commit/1fadd90afcb4bbc47513466ee9bb1e4a8632ac3b