Posts Tagged ‘Horde’

[SECURITY] [DSA 1765-1] New horde3 packages fix several vulnerabilities

Bugtraq: [SECURITY] [DSA 1765-1] New horde3 packages fix several vulnerabilities

[SECURITY] [DSA 1765-1] New horde3 packages fix several vulnerabilities
URL: http://www.securityfocus.com/archive/1/502551

Horde IMP Webmail Client Cross Site Scripting And HTML Injection Vulnerabilities

Vuln: Horde IMP Webmail Client Cross Site Scripting And HTML Injection Vulnerabilities

Horde IMP Webmail Client Cross Site Scripting And HTML Injection Vulnerabilities
URL: http://www.securityfocus.com/bid/33492

Horde XSS Filter Cross Site Scripting Vulnerability

Vuln: Horde XSS Filter Cross Site Scripting Vulnerability

Horde XSS Filter Cross Site Scripting Vulnerability
URL: http://www.securityfocus.com/bid/33367

Horde IMP and Groupware Webmail Edition Multiple Input Validation Vulnerabilities

Vuln: Horde IMP and Groupware Webmail Edition Multiple Input Validation Vulnerabilities

Horde IMP and Groupware Webmail Edition Multiple Input Validation Vulnerabilities
URL: http://www.securityfocus.com/bid/27223

0930 (horde_imp)

CVE-2009-0930 (horde_imp)

Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 4.2.2 and 4.3.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) smime.php, (2) pgp.php, and (3) message.php.
URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0930

0932 (horde, horde_groupware)

CVE-2009-0932 (horde, horde_groupware)

Directory traversal vulnerability in framework/Image/Image.php in Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.
URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0932

0931 (horde, horde_groupware)

CVE-2009-0931 (horde, horde_groupware)

Cross-site scripting (XSS) vulnerability in the tag cloud search script (horde/services/portal/cloud_search.php) in Horde before 3.2.4 and 3.3.3, and Horde Groupware before 1.1.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0931