2
Candidate: CVE-2007-0347
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0347
6
The is_eow function in format.c in CVSTrac before 2.0.1 does not properly
7
check for the "'" (quote) character, which allows remote authenticated
8
users to execute limited SQL injection attacks and cause a denial of
9
service (database error) via a ' character in certain messages, tickets, or
19
dapper_cvstrac: ignored (reached end-of-life)
20
edgy_cvstrac: needed (reached end-of-life)
21
feisty_cvstrac: needed (reached end-of-life)
22
gutsy_cvstrac: needed (reached end-of-life)
23
hardy_cvstrac: not-affected (2.0.1-2)
24
intrepid_cvstrac: not-affected (2.0.1-2)
25
jaunty_cvstrac: not-affected (2.0.1-2)
26
karmic_cvstrac: not-affected (2.0.1-2)
27
devel_cvstrac: not-affected (2.0.1-2)
28
upstream_cvstrac: released (2.0.1)