Vulnerability Note VU#990652
BigAnt IM Message server and components contain multiple vulnerabilities
BigAnt IM Message server and components contain multiple vulnerabilities which could allow an attacker to perform administrative functions on the system.
CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') - CVE-2012-6273
During the SHU (search user) request from the BigAnt messaging client, a SQL query is built from a template and sent via an HTTP-like header. Proper sanitization is not performed. It has been reported that this can be demonstrated by opening the BigAnt Messenger Client, logging into a server, and searching for an 'Account/Full Name' of blah' OR hs_User.Col_Pword LIKE '[a-z]
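The general CWE-89 pattern described above, as an added example (not BigAnt code and not from the advisory): a search template filled by string concatenation beside a parameterized query, with SQLite's authorizer hook recording which hs_User columns each compiled statement reads and optionally refusing reads of Col_Pword. Assumptions: SQLite stands in for the product's database, and the Col_Name column, the template text, the sample rows and all function names are hypothetical; only hs_User, Col_Pword and the search string come from the advisory.

```python
import sqlite3

# Search string quoted in the advisory, reused unchanged as test input.
PAGE_TERM = "blah' OR hs_User.Col_Pword LIKE '[a-z]"

def open_db(deny_password_reads=False):
    """Constructed stand-in database; returns (connection, set of columns read)."""
    conn = sqlite3.connect(":memory:")
    # hs_User and Col_Pword are named in the advisory; Col_Name and rows are assumed.
    conn.execute("CREATE TABLE hs_User (Col_Name TEXT, Col_Pword TEXT)")
    conn.executemany("INSERT INTO hs_User VALUES (?, ?)",
                     [("alice", "s3cret"), ("bob", "hunter2")])
    seen = set()

    def authorizer(action, arg1, arg2, dbname, source):
        # Called while SQLite compiles a statement, once per column it reads.
        if action == sqlite3.SQLITE_READ and arg1 == "hs_User":
            seen.add(arg2)
            if deny_password_reads and arg2 == "Col_Pword":
                return sqlite3.SQLITE_DENY
        return sqlite3.SQLITE_OK

    conn.set_authorizer(authorizer)
    return conn, seen

def search_concatenated(conn, term):
    # Weak form: the search term becomes part of the SQL text itself.
    sql = "SELECT Col_Name FROM hs_User WHERE hs_User.Col_Name LIKE '%" + term + "%'"
    return conn.execute(sql).fetchall()

def search_parameterized(conn, term):
    # Corrected form: the SQL text is fixed and the term travels as a bound value.
    sql = "SELECT Col_Name FROM hs_User WHERE hs_User.Col_Name LIKE ?"
    return conn.execute(sql, ("%" + term + "%",)).fetchall()

def audit(search, term, deny_password_reads=False):
    """Run one search on a fresh database; return (rows or None if blocked, columns read)."""
    conn, seen = open_db(deny_password_reads)
    try:
        rows = search(conn, term)
    except sqlite3.DatabaseError:
        rows = None  # the authorizer refused to compile the statement
    return rows, sorted(seen)

if __name__ == "__main__":
    print(audit(search_concatenated, PAGE_TERM))
    print(audit(search_parameterized, PAGE_TERM))
    print(audit(search_concatenated, PAGE_TERM, deny_password_reads=True))
```

SQLite's LIKE has no `[a-z]` character class, so both searches return no rows here; the difference to look at is the column list, where only the concatenated statement reads Col_Pword.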
A remote unauthenticated attacker may obtain sensitive information, cause a denial of service condition or execute arbitrary code with the privileges of the application.
We are currently unaware of a practical solution to this problem.
Vendor Information
|Vendor|Status|Date Notified|Date Updated|
|---|---|---|---|
|BigAntSoft|Affected|-|04 Jan 2013|
CVSS Metrics
Thanks to hamburgers maccoy for reporting this vulnerability.
This document was written by Michael Orlando.
- CVE IDs: CVE-2012-6273 CVE-2012-6274 CVE-2012-6275
- Date Public: 09 Jan 2013
- Date First Published: 09 Jan 2013
- Date Last Updated: 09 Jan 2013
- Document Revision: 9