First published: Fri May 02 2003(Updated: )
SQL injection vulnerability in the Document Tracking and Administration (DTA) website of Microsoft BizTalk Server 2000 and 2002 allows remote attackers to execute operating system commands via a request to (1) rawdocdata.asp or (2) RawCustomSearchField.asp containing an embedded SQL statement.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft BizTalk Server | =2002 | |
Microsoft BizTalk Server | =2000 | |
Microsoft BizTalk Server | =2000-sp2 | |
Microsoft BizTalk Server | =2000-sp1a | |
Microsoft BizTalk Server | =2000 | |
Microsoft BizTalk Server | =2000-sp1a | |
Microsoft BizTalk Server | =2000 | |
Microsoft BizTalk Server | =2002 | |
Microsoft BizTalk Server | =2000-sp2 | |
Microsoft BizTalk Server | =2000-sp1a | |
Microsoft BizTalk Server | =2000-sp2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.