CVE-2011-1390 - Funny Davit

Description

SQL injection vulnerability in the Maintenance tool in IBM Rational ClearQuest 7.1.1.x before 7.1.1.9 7.1.2.x before 7.1.2.6 and 8.x before 8.0.0.2 allows remote attackers to execute arbitrary SQL commands by leveraging an error in the user-database upgrade feature.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg21594717 http://www.securityfocus.com/bid/53483 http://secunia.com/advisories/49093 http://osvdb.org/81815 http://www.securitytracker.com/id?1027060 https://exchange.xforce.ibmcloud.com/vulnerabilities/71802