CVE-2013-4422 Information

Description

SQL injection vulnerability in Quassel IRC before 0.9.1 when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used allows remote attackers to execute arbitrary SQL commands via a \ (backslash) in a message.

Reference

http://bugs.quassel-irc.org/issues/1244 http://quassel-irc.org/node/120 http://seclists.org/oss-sec/2013/q4/74 http://secunia.com/advisories/55194 http://secunia.com/advisories/55581 http://security.gentoo.org/glsa/glsa-201311-03.xml http://www.securityfocus.com/bid/62923 https://exchange.xforce.ibmcloud.com/vulnerabilities/87805