CVE-2008-2380

Published: 22 December 2008

SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes.

Priority

Medium

Status

Package Release Status
courier-authlib
Launchpad, Ubuntu, Debian
Upstream
Released (0.62.0)
Ubuntu 12.04 ESM (Precise Pangolin) Not vulnerable
(0.62.4-1)