Candidate: CVE-2008-2380
PublicDate: 2008-12-22 15:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2380
Description:
 SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before
 0.62.0, when a non-Latin locale Postgres database is used, allows remote
 attackers to execute arbitrary SQL commands via query parameters containing
 apostrophes.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_courier-authlib:
upstream_courier-authlib: released (0.62.0)
dapper_courier-authlib: DNE
gutsy_courier-authlib: needed (reached end-of-life)
hardy_courier-authlib: ignored (reached end-of-life)
intrepid_courier-authlib: needed (reached end-of-life)
jaunty_courier-authlib: ignored (reached end-of-life)
karmic_courier-authlib: not-affected (0.62.2-1)
lucid_courier-authlib: not-affected (0.62.4-1)
maverick_courier-authlib: not-affected (0.62.4-1)
natty_courier-authlib: not-affected (0.62.4-1)
oneiric_courier-authlib: not-affected (0.62.4-1)
devel_courier-authlib: not-affected (0.62.4-1)