CVE-2003-0025 Information

Description

Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql as demonstrated using mailbox.php3.

Reference

http://marc.info/?l=bugtraq&m=104204786206563&w=2 http://secunia.com/advisories/8087 http://secunia.com/advisories/8177 http://www.debian.org/security/2003/dsa-229 http://www.securityfocus.com/archive/1/306268 http://www.securityfocus.com/bid/6559 http://www.securitytracker.com/id?1005904