CVE-2009-4375

Name of the Vulnerable Software and Affected Versions AlienVault Open Source Security Information Management (OSSIM) versions prior to 2.1.5-4

Description The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the id document parameter in the repository/repository attachment.php file.

Recommendations For versions prior to 2.1.5-4, update to version 2.1.5-4 or later to resolve the issue.