Posts Tagged ‘Horde’

[SECURITY] [DSA 1765-1] New horde3 packages fix several vulnerabilities

Apr 8th, 2009
by invalid string.
No comments yet

Bugtraq: [SECURITY] [DSA 1765-1] New horde3 packages fix several vulnerabilities

[SECURITY] [DSA 1765-1] New horde3 packages fix several vulnerabilities
URL: http://www.securityfocus.com/archive/1/502551

Horde IMP Webmail Client Cross Site Scripting And HTML Injection Vulnerabilities

Mar 23rd, 2009
by invalid string.
No comments yet

Vuln: Horde IMP Webmail Client Cross Site Scripting And HTML Injection Vulnerabilities

Horde IMP Webmail Client Cross Site Scripting And HTML Injection Vulnerabilities
URL: http://www.securityfocus.com/bid/33492

Horde XSS Filter Cross Site Scripting Vulnerability

Mar 23rd, 2009
by invalid string.
No comments yet

Vuln: Horde XSS Filter Cross Site Scripting Vulnerability

Horde XSS Filter Cross Site Scripting Vulnerability
URL: http://www.securityfocus.com/bid/33367

Horde IMP and Groupware Webmail Edition Multiple Input Validation Vulnerabilities

Mar 23rd, 2009
by invalid string.
No comments yet

Vuln: Horde IMP and Groupware Webmail Edition Multiple Input Validation Vulnerabilities

Horde IMP and Groupware Webmail Edition Multiple Input Validation Vulnerabilities
URL: http://www.securityfocus.com/bid/27223

0930 (horde_imp)

Mar 16th, 2009
by invalid string.
No comments yet

CVE-2009-0930 (horde_imp)

Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 4.2.2 and 4.3.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) smime.php, (2) pgp.php, and (3) message.php.
URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0930

0932 (horde, horde_groupware)

Mar 16th, 2009
by invalid string.
No comments yet

CVE-2009-0932 (horde, horde_groupware)

Directory traversal vulnerability in framework/Image/Image.php in Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.
URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0932

0931 (horde, horde_groupware)

Mar 16th, 2009
by invalid string.
No comments yet

CVE-2009-0931 (horde, horde_groupware)

Cross-site scripting (XSS) vulnerability in the tag cloud search script (horde/services/portal/cloud_search.php) in Horde before 3.2.4 and 3.3.3, and Horde Groupware before 1.1.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0931