Описание
Eval injection vulnerability in Horde Application Framework versions 3.0 before 3.0.10 and 3.1 before 3.1.1 allows remote attackers to execute arbitrary code via the help viewer.
Eval injection vulnerability in Horde Application Framework versions 3.0 before 3.0.10 and 3.1 before 3.1.1 allows remote attackers to execute arbitrary code via the help viewer.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-1491
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25516
- http://cvs.horde.org/diff.php?f=horde%2Fservices%2Fhelp%2Findex.php&r1=2.85&r2=2.86
- http://lists.horde.org/archives/announce/2006/000271.html
- http://lists.horde.org/archives/announce/2006/000272.html
- http://secunia.com/advisories/19485
- http://secunia.com/advisories/19504
- http://secunia.com/advisories/19528
- http://secunia.com/advisories/19619
- http://secunia.com/advisories/19692
- http://securitytracker.com/id?1015841
- http://www.attrition.org/pipermail/vim/2006-March/000671.html
- http://www.debian.org/security/2006/dsa-1033
- http://www.debian.org/security/2006/dsa-1034
- http://www.gentoo.org/security/en/glsa/glsa-200604-02.xml
- http://www.novell.com/linux/security/advisories/2006_07_sr.html
- http://www.securityfocus.com/bid/17292
- http://www.vupen.com/english/advisories/2006/1154
Связанные уязвимости
Eval injection vulnerability in Horde Application Framework versions 3.0 before 3.0.10 and 3.1 before 3.1.1 allows remote attackers to execute arbitrary code via the help viewer.
Eval injection vulnerability in Horde Application Framework versions 3.0 before 3.0.10 and 3.1 before 3.1.1 allows remote attackers to execute arbitrary code via the help viewer.
Eval injection vulnerability in Horde Application Framework versions 3 ...