CVE-2011-4349 in colordinfo

Summary

Multiple SQL injection vulnerabilities in (1) cd-mapping-db.c and (2) cd-device-db.c in colord before 0.1.15 allow local users to execute arbitrary SQL commands via vectors related to color devices and (a) device id, (b) property, or (c) profile id.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

11/04/2011

Disclosure

12/10/2011

Moderation

VulDB entry created

Entries

1: VDB-59648

CPE

ready

CWE

CWE-89 (Confirmed)

CVSS

7.3

EPSS

0.00109

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-4349
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-4349
CVE Details	https://www.cvedetails.com/cve/CVE-2011-4349/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!