ZRM FOR MY SQL

DATE	CVE	VULNERABILITY TITLE	RISK
2009-09-08	CVE-2009-3102	Improper Input Validation vulnerability in Zmanda ZRM for MY SQL 2.1 The doHotCopy subroutine in socket-server.pl in Zmanda Recovery Manager (ZRM) for MySQL 2.x before 2.1.1 allows remote attackers to execute arbitrary commands via vectors involving a crafted $MYSQL_BINPATH variable. network low complexity zmanda CWE-20 critical	10.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.