CVE-2013-7369

Опубликовано: 18 апр. 2014

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in an unspecified DLL in the FSDBCom ActiveX control in F-Secure Anti-Virus for Microsoft Exchange Server before HF02, Anti-Virus for Windows Servers 9.00 before HF09, Anti-Virus for Citrix Servers 9.00 before HF09, and F-Secure Email and Server Security and F-Secure Server Security 9.20 before HF01 allows remote attackers to execute arbitrary SQL commands via unknown vectors, related to GetCommand.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:f-secure:anti-virus:9.00:*:*:*:*:citrix_servers:*:*

cpe:2.3:a:f-secure:anti-virus:9.00:*:*:*:*:exchange_server:*:*

cpe:2.3:a:f-secure:anti-virus:9.00:*:*:*:*:windows_server:*:*

cpe:2.3:a:f-secure:anti-virus:9.10:*:*:*:*:exchange_server:*:*

cpe:2.3:a:f-secure:email_and_server_security:9.20:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:server_security:9.20:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00366

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-cp35-64v5-r4w6

github

больше 3 лет назад