Lucene search
MitreCVELIST:CVE-2014-1691HistoryApr 01, 2014 - 3:00 p.m.
CVE-2014-1691
2014-04-0115:00:00
mitre
www.cve.org
4
The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to conduct object injection attacks and execute arbitrary PHP code via a crafted serialized object in the _formvars form.
References
seclists.org/oss-sec/2014/q1/153
seclists.org/oss-sec/2014/q1/156
seclists.org/oss-sec/2014/q1/169
www.debian.org/security/2014/dsa-2853
github.com/horde/horde/blob/82c400788537cfc0106b68447789ff53793ac086/bundles/groupware/docs/CHANGES#L215
github.com/horde/horde/commit/da6afc7e9f4e290f782eca9dbca794f772caccb3
Related
ubuntucve
ubuntucve
CVE-2014-1691
2014-04-01 00:00:00
zdt
zdt
Horde Framework Unserialize PHP Code Execution
2014-03-22 00:00:00
packetstorm
packetstorm
Horde Framework Unserialize PHP Code Execution
2014-03-20 00:00:00
Horde Framework Unserialize PHP Code Execution
2014-06-29 00:00:00
checkpoint_advisories
checkpoint_advisories
Horde Framework Unserialize PHP Code Execution (CVE-2014-1691)
2014-05-18 00:00:00
nessus
nessus
Debian DSA-2853-1 : horde3 - remote code execution
2014-02-06 00:00:00
seebug
seebug
Horde Framework Unserialize PHP Code Execution
2014-07-01 00:00:00
exploitdb
exploitdb
Horde Framework - Unserialize PHP Code Execution (Metasploit)
2014-03-22 00:00:00
debian
debian
[SECURITY] [DSA 2853-1] horde3 security update
2014-02-05 12:11:46
openvas
openvas
Horde '_formvars' Form Input RCE Vulnerability
2014-03-21 00:00:00
Debian Security Advisory DSA 2853-1 (horde3 - remote code execution)
2014-02-05 00:00:00
Debian: Security Advisory (DSA-2853-1)
2014-02-04 00:00:00
metasploit
metasploit
Horde Framework Unserialize PHP Code Execution
2014-03-18 01:47:45
debiancve
debiancve
CVE-2014-1691
2014-04-01 15:55:06
securityvulns
securityvulns
[SECURITY] [DSA 2853-1] horde3 security update
2014-02-11 00:00:00
nvd
nvd
CVE-2014-1691
2014-04-01 15:55:06
osv
osv
horde3 - Remote code execution
2014-02-05 00:00:00
prion
prion
Design/Logic Flaw
2014-04-01 15:55:00
cve
cve
CVE-2014-1691
2014-04-01 15:55:06