CVE-2015-6659 Information
Description
SQL injection vulnerability in the SQL comment filtering system in the Database API in Drupal 7.x before 7.39 allows remote attackers to execute arbitrary SQL commands via an SQL comment.
Reference
http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165061.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165690.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165704.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165723.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165733.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165840.html http://www.debian.org/security/2015/dsa-3346 http://www.securityfocus.com/bid/76432 http://www.securitytracker.com/id/1033358 https://www.drupal.org/SA-CORE-2015-003
Share on: