CVE-2013-4422
SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ (backslash) in a message.
| Software | From | Fixed in |
|---|---|---|
| quassel-irc / quassel_irc | - | 0.9.0.x |
| quassel-irc / quassel_irc | 0.1.0 | 0.1.0.x |
| quassel-irc / quassel_irc | 0.3.0 | 0.3.0.x |
| quassel-irc / quassel_irc | 0.3.0.1 | 0.3.0.1.x |
| quassel-irc / quassel_irc | 0.3.0.2 | 0.3.0.2.x |
| quassel-irc / quassel_irc | 0.3.0.3 | 0.3.0.3.x |
| quassel-irc / quassel_irc | 0.3.1 | 0.3.1.x |
| quassel-irc / quassel_irc | 0.4.0 | 0.4.0.x |
| quassel-irc / quassel_irc | 0.4.1 | 0.4.1.x |
| quassel-irc / quassel_irc | 0.4.2 | 0.4.2.x |
| quassel-irc / quassel_irc | 0.4.3 | 0.4.3.x |
| quassel-irc / quassel_irc | 0.5.0 | 0.5.0.x |
| quassel-irc / quassel_irc | 0.6.1 | 0.6.1.x |
| quassel-irc / quassel_irc | 0.6.2 | 0.6.2.x |
| quassel-irc / quassel_irc | 0.6.3 | 0.6.3.x |
| quassel-irc / quassel_irc | 0.7.0 | 0.7.0.x |
| quassel-irc / quassel_irc | 0.7.1 | 0.7.1.x |
| quassel-irc / quassel_irc | 0.7.2 | 0.7.2.x |
| quassel-irc / quassel_irc | 0.7.3 | 0.7.3.x |
| quassel-irc / quassel_irc | 0.7.4 | 0.7.4.x |
| quassel-irc / quassel_irc | 0.8.0 | 0.8.0.x |
- http://bugs.quassel-irc.org/issues/1244
- http://quassel-irc.org/node/120
- http://seclists.org/oss-sec/2013/q4/74
- http://secunia.com/advisories/55194
- http://secunia.com/advisories/55581
- http://security.gentoo.org/glsa/glsa-201311-03.xml
- http://www.securityfocus.com/bid/62923
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87805
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime