Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Logicalware MailManager before 2.0.10 does not remove 0xc8 0x27 (0xc8 followed by a single-quote character) from the data stream to the server, which allows remote attackers to modify data and gain administrative access when PostgreSQL is used, aka "bug #1494281 - Postgres encoding security hole." NOTE: while this issue involves PostgreSQL, it is specific to MailManager's interface to PostgreSQL and is therefore a different vulnerability than CVE-2006-2313 and CVE-2006-2314.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Logicalware MailManager 数据流"0xc8 0x27" 权限许可和访问控制漏洞
Vulnerability Description
Logicalware MailManager的2.0.10之前版本未将发给服务器的数据流中的0xc8 0x27(0xc8跟着一个单引号字符)除去,远程攻击者可在使用PostgreSQL时获取管理员访问权,又称"bug #1494281 - Postgres编码安全漏洞。
CVSS Information
N/A
Vulnerability Type
N/A