Lucene search

K
debianDebianDEBIAN:DSA-4276-1:44319
HistoryAug 17, 2018 - 7:28 a.m.

[SECURITY] [DSA 4276-1] php-horde-image security update

2018-08-1707:28:50
lists.debian.org
7

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P


Debian Security Advisory DSA-4276-1 [email protected]
https://www.debian.org/security/ Sebastien Delafond
August 17, 2018 https://www.debian.org/security/faq


Package : php-horde-image
CVE ID : CVE-2017-9773 CVE-2017-9774 CVE-2017-14650
Debian Bug : 865504 865505 876400

Fariskhi Vidyan and Thomas Jarosch discovered several vulnerabilities
in php-horde-image, the image processing library for the Horde
groupware suite. They would allow an attacker to cause a
denial-of-service or execute arbitrary code.

For the stable distribution (stretch), these problems have been fixed in
version 2.3.6-1+deb9u1.

We recommend that you upgrade your php-horde-image packages.

For the detailed security status of php-horde-image please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/php-horde-image

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P