PDA

Archiv verlassen und diese Seite im Standarddesign anzeigen : Mandriva Linux Security Advisory 2012-059



newsbot
17.04.2012, 03:23
Mandriva Linux Security Advisory 2012-059 - It was discovered that SQLAlchemy did not sanitize values for the limit and offset keywords for SQL select statements. If an application using SQLAlchemy accepted values for these keywords, and did not filter or sanitize them before passing them to SQLAlchemy, it could allow an attacker to perform an SQL injection attack against the application. The updated packages have been patched to correct this issue.

Weiterlesen... (http://packetstormsecurity.org/files/111903/MDVSA-2012-059.txt)