Notified: September 18, 2003 Updated: October 09, 2003
Affected
CyberDOCS - Potential to Pass Harmful SQL Statements Via a Browser Request Problem: In CyberDOCS (versions 3.1 and 3.5.1), it is possible to pass a potentially harmful SQL statement to the system as part of the username/password string. Resolution: This issue does not occur in CyberDOCS 3.9 and later. Customers experiencing this issue should upgrade to the latest release of this product. Reference: SD017068
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.