CVE-2014-1691

2014-04-01T11:55:06
ID CVE-2014-1691
Type cve
Reporter NVD
Modified 2014-04-02T10:50:49

Description

The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to conduct object injection attacks and execute arbitrary PHP code via a crafted serialized object in the _formvars form.