CVE-2007-5926

Description

OpenBase 10.0.5 and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in arguments to the (1) AsciiBackup, (2) OEMLicenseInstall, and possibly other stored procedures.

Affected products

• openbase_international_ltd / openbase10.0.5

References

• MISChttp://www.securityfocus.com/bid/26347
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/38291
• MISChttp://www.netragard.com/pdfs/research/NETRAGARD-20070313-OPENBASE.txt
• VENDOR_ADVISORYhttp://secunia.com/advisories/27525