Intrusion Prevention

Adobe.RoboHelp.Server.SQL.Injection

Description

This indicates an attack attempt against a SQL injection vulnerability in Adobe RoboHelp Server.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted HTTP request. It allows a remote attacker to execute arbitrary SQL statements.

Affected Products

Adobe RoboHelp Server 7
Adobe RoboHelp Server 6

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply patch, available from the web site:
http://www.adobe.com/support/security/bulletins/downloads/apsb08-16.zip

CVE References

CVE-2008-2991