cpe:/a:greensql:greensql_firewall:0.3.4 cpe:/a:greensql:greensql_firewall:0.3.5 cpe:/a:greensql:greensql_firewall:0.8.2 cpe:/a:greensql:greensql_firewall:0.8.3 CVE-2008-6992 2009-08-19T01:24:52.627-04:00 2009-08-19T00:00:00.000-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-08-19T10:02:00.000-04:00 OSVDB 48910 MISC http://bugs.mysql.com/bug.php?id=39337 MISC http://sla.ckers.org/forum/read.php?16,24367 MISC http://www.greensql.net/node/89 MISC http://www.greensql.net/node/98 CONFIRM http://www.greensql.net/security GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4, allows remote attackers to bypass the SQL injection protection mechanism via a WHERE clause containing an expression such as "x=y=z", which is successfully parsed by MySQL.