ID CVE-2006-2320
Summary Multiple SQL injection vulnerabilities in Ideal Science Ideal BB 1.5.4a and earlier allow remote attackers to execute arbitrary SQL commands via multiple unspecified vectors related to stored procedure calls. NOTE: due to lack of details from the researcher, it is not clear whether this overlaps CVE-2004-2209.
References
Vulnerable Configurations
  • cpe:2.3:a:ideal_science:idealbb:1.5.0_beta1:*:*:*:*:*:*:*
    cpe:2.3:a:ideal_science:idealbb:1.5.0_beta1:*:*:*:*:*:*:*
  • cpe:2.3:a:ideal_science:idealbb:1.5.0_beta2:*:*:*:*:*:*:*
    cpe:2.3:a:ideal_science:idealbb:1.5.0_beta2:*:*:*:*:*:*:*
  • cpe:2.3:a:ideal_science:idealbb:1.5.0_beta3:*:*:*:*:*:*:*
    cpe:2.3:a:ideal_science:idealbb:1.5.0_beta3:*:*:*:*:*:*:*
  • cpe:2.3:a:ideal_science:idealbb:1.5.0_beta4:*:*:*:*:*:*:*
    cpe:2.3:a:ideal_science:idealbb:1.5.0_beta4:*:*:*:*:*:*:*
  • cpe:2.3:a:ideal_science:idealbb:1.5.0_rc1:*:*:*:*:*:*:*
    cpe:2.3:a:ideal_science:idealbb:1.5.0_rc1:*:*:*:*:*:*:*
  • cpe:2.3:a:ideal_science:idealbb:1.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:ideal_science:idealbb:1.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ideal_science:idealbb:1.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:ideal_science:idealbb:1.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ideal_science:idealbb:1.5.2a:*:*:*:*:*:*:*
    cpe:2.3:a:ideal_science:idealbb:1.5.2a:*:*:*:*:*:*:*
  • cpe:2.3:a:ideal_science:idealbb:1.5.2b:*:*:*:*:*:*:*
    cpe:2.3:a:ideal_science:idealbb:1.5.2b:*:*:*:*:*:*:*
  • cpe:2.3:a:ideal_science:idealbb:1.5.2c:*:*:*:*:*:*:*
    cpe:2.3:a:ideal_science:idealbb:1.5.2c:*:*:*:*:*:*:*
  • cpe:2.3:a:ideal_science:idealbb:1.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:ideal_science:idealbb:1.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ideal_science:idealbb:1.5.3_beta1:*:*:*:*:*:*:*
    cpe:2.3:a:ideal_science:idealbb:1.5.3_beta1:*:*:*:*:*:*:*
  • cpe:2.3:a:ideal_science:idealbb:1.5.3_beta2:*:*:*:*:*:*:*
    cpe:2.3:a:ideal_science:idealbb:1.5.3_beta2:*:*:*:*:*:*:*
  • cpe:2.3:a:ideal_science:idealbb:1.5.3a:*:*:*:*:*:*:*
    cpe:2.3:a:ideal_science:idealbb:1.5.3a:*:*:*:*:*:*:*
  • cpe:2.3:a:ideal_science:idealbb:1.5.3b:*:*:*:*:*:*:*
    cpe:2.3:a:ideal_science:idealbb:1.5.3b:*:*:*:*:*:*:*
  • cpe:2.3:a:ideal_science:idealbb:1.5.4a:*:*:*:*:*:*:*
    cpe:2.3:a:ideal_science:idealbb:1.5.4a:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 18-10-2018 - 16:39)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 17920
bugtraq 20060508 Multiple Vulnerabilities In IdealBB ASP Bulletin Board
misc http://www.idealscience.com/ibb/posts.aspx?postID=24415
osvdb 25457
secunia 20035
sreason 871
vupen ADV-2006-1729
xf idealbb-multiple-sql-injection(26354)
Last major update 18-10-2018 - 16:39
Published 12-05-2006 - 00:02
Last modified 18-10-2018 - 16:39
Back to Top