NVD脆弱性詳細

CVE-2004-2562

概要	SQL injection vulnerability in jobedit.asp in Leigh Business Enterprises (LBE) Web Helpdesk before 4.0.0.81 allows remote attackers to execute arbitrary SQL commands via the id parameter.
公表日	2004年12月31日14:00
登録日	2021年1月29日18:01
最終更新日	2024年2月14日10:17

CVSS2.0 : HIGH
スコア	7.5
ベクター	AV:N/AC:L/Au:N/C:P/I:P/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	低
完全性への影響(I)	低
可用性への影響(A)	低
全ての特権を取得	いいえ
ユーザー権限を取得	いいえ
その他の権限を取得	はい
ユーザー操作が必要	いいえ

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.66:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:1.2_1999-07-00:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.80:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.78:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.75:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.64:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.71:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.59:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.72:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:1.3_2000-07-00:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.79:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.53:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.76:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.73:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.40_2001-07-21:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.43_2001-09-28:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.41_2001-08-27:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.63:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.54:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.65:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.52:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.60:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.69:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.50:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.67:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.62:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:1.4_2000-08-00:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.68:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.38_2001-06-10:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.74:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.77:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0_2001-03-00:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.35_2001-06-04:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.33_2001-05-00:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.61:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.70:::::::*

構成1	以上	以下	より上	未満
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.66:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:1.2_1999-07-00:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.80:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.78:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.75:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.64:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.71:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.59:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.72:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:1.3_2000-07-00:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.79:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.53:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.76:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.73:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.40_2001-07-21:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.43_2001-09-28:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.41_2001-08-27:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.63:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.54:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.65:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.52:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.60:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.69:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.50:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.67:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.62:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:1.4_2000-08-00:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.68:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.38_2001-06-10:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.74:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.77:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0_2001-03-00:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.35_2001-06-04:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.33_2001-05-00:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.61:::::::*
cpe:2.3:a:leigh_business_enterprises:web_helpdesk:4.0.0.70:::::::*

No	URL	refsource	タグ
1	http://www.securiteam.com/windowsntfocus/5QP0M0ADGI.html	MISC	Exploit Patch
2	http://www.lbehelpdesk.com/patch/web/history.txt	CONFIRM	URL Repurposed
3	http://www.securityfocus.com/bid/10773	BID	Exploit Patch
4	http://www.osvdb.org/8181	OSVDB
5	http://secunia.com/advisories/12123	SECUNIA	Patch Vendor Advisory
6	https://exchange.xforce.ibmcloud.com/vulnerabilities/16779	XF