Security Hero » Horde http://sechero.com If it's about security, you heard it here first Mon, 12 Jul 2010 23:27:38 +0000 en hourly 1 [SECURITY] [DSA 1765-1] New horde3 packages fix several vulnerabilities http://sechero.com/security-dsa-1765-1-new-horde3-packages-fix-several-vulnerabilities/ http://sechero.com/security-dsa-1765-1-new-horde3-packages-fix-several-vulnerabilities/#comments Wed, 08 Apr 2009 22:34:15 +0000 invalid string

Bugtraq: [SECURITY] [DSA 1765-1] New horde3 packages fix several vulnerabilities

[SECURITY] [DSA 1765-1] New horde3 packages fix several vulnerabilities

URL: http://www.securityfocus.com/archive/1/502551

]]> http://sechero.com/security-dsa-1765-1-new-horde3-packages-fix-several-vulnerabilities/feed/ 0 Horde IMP Webmail Client Cross Site Scripting And HTML Injection Vulnerabilities http://sechero.com/horde-imp-webmail-client-cross-site-scripting-and-html-injection-vulnerabilities/ http://sechero.com/horde-imp-webmail-client-cross-site-scripting-and-html-injection-vulnerabilities/#comments Tue, 24 Mar 2009 00:00:00 +0000 invalid string http://sechero.com/horde-imp-webmail-client-cross-site-scripting-and-html-injection-vulnerabilities/

Vuln: Horde IMP Webmail Client Cross Site Scripting And HTML Injection Vulnerabilities

Horde IMP Webmail Client Cross Site Scripting And HTML Injection Vulnerabilities

URL: http://www.securityfocus.com/bid/33492

]]> http://sechero.com/horde-imp-webmail-client-cross-site-scripting-and-html-injection-vulnerabilities/feed/ 0 Horde XSS Filter Cross Site Scripting Vulnerability http://sechero.com/horde-xss-filter-cross-site-scripting-vulnerability/ http://sechero.com/horde-xss-filter-cross-site-scripting-vulnerability/#comments Tue, 24 Mar 2009 00:00:00 +0000 invalid string http://sechero.com/horde-xss-filter-cross-site-scripting-vulnerability/

Vuln: Horde XSS Filter Cross Site Scripting Vulnerability

Horde XSS Filter Cross Site Scripting Vulnerability

URL: http://www.securityfocus.com/bid/33367

]]> http://sechero.com/horde-xss-filter-cross-site-scripting-vulnerability/feed/ 0 Horde IMP and Groupware Webmail Edition Multiple Input Validation Vulnerabilities http://sechero.com/horde-imp-and-groupware-webmail-edition-multiple-input-validation-vulnerabilities/ http://sechero.com/horde-imp-and-groupware-webmail-edition-multiple-input-validation-vulnerabilities/#comments Tue, 24 Mar 2009 00:00:00 +0000 invalid string

Vuln: Horde IMP and Groupware Webmail Edition Multiple Input Validation Vulnerabilities

Horde IMP and Groupware Webmail Edition Multiple Input Validation Vulnerabilities

URL: http://www.securityfocus.com/bid/27223

]]> http://sechero.com/horde-imp-and-groupware-webmail-edition-multiple-input-validation-vulnerabilities/feed/ 0 0930 (horde_imp) http://sechero.com/0930-horde_imp/ http://sechero.com/0930-horde_imp/#comments Tue, 17 Mar 2009 00:00:00 +0000 invalid string http://sechero.com/0930-horde_imp/

CVE-2009-0930 (horde_imp)

Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 4.2.2 and 4.3.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) smime.php, (2) pgp.php, and (3) message.php.

URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0930

]]> http://sechero.com/0930-horde_imp/feed/ 0 0932 (horde, horde_groupware) http://sechero.com/0932-horde-horde_groupware/ http://sechero.com/0932-horde-horde_groupware/#comments Tue, 17 Mar 2009 00:00:00 +0000 invalid string http://sechero.com/0932-horde-horde_groupware/

CVE-2009-0932 (horde, horde_groupware)

Directory traversal vulnerability in framework/Image/Image.php in Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.

URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0932

]]> http://sechero.com/0932-horde-horde_groupware/feed/ 0 0931 (horde, horde_groupware) http://sechero.com/0931-horde-horde_groupware/ http://sechero.com/0931-horde-horde_groupware/#comments Tue, 17 Mar 2009 00:00:00 +0000 invalid string http://sechero.com/0931-horde-horde_groupware/

CVE-2009-0931 (horde, horde_groupware)

Cross-site scripting (XSS) vulnerability in the tag cloud search script (horde/services/portal/cloud_search.php) in Horde before 3.2.4 and 3.3.3, and Horde Groupware before 1.1.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0931

]]> http://sechero.com/0931-horde-horde_groupware/feed/ 0