108 matches found
CVE-2015-3701
CVE-2015-3701 describes a buffer overflow in the Intel Graphics Driver on Apple OS X prior to 10.10.4, enabling local privilege escalation. Impact: local attacker could gain privileges via unspecified vectors. Affected: OS X versions before 10.10.4 with Intel graphics support. Root cause: buffer ...
Horde 3.3.5 - "PHP_SELF" XSS vulnerability
No description provided by source. ============================================= INTERNET SECURITY AUDITORS ALERT 2009-012 - Original release date: October 13th, 2009 - Last revised: December 16th, 2009 - Discovered by: Juan Galiana Lara - CVE ID: CVE-2009-3701 - Severity: 6.3/10 CVSS Base Score...
CVE-2013-3701
...
CVE-2013-3701
CVE-2013-3701 is a duplicate of CVE-2013-6345 and is superseded. According to connected documents, CVE-2013-6345 describes an unspecified vulnerability in Novell ZENworks Configuration Management (ZCM) before 11.2.4, with unknown impact and attack vectors related to an "Application Exception" on ...
CVE-2012-3701
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1...
CVE-2012-3701
CVE-2012-3701 affects WebKit as used in Apple iTunes before 10.7. The vulnerability allows a remote attacker to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted website. The issue is part of WebKit memory corruption flaws disclosed in iOS...
CVE-2011-3701
CVE-2011-3701 affects AlegroCart 1.2.3. The issue allows remote attackers to obtain sensitive information by requesting a PHP file directly, causing an error message that reveals the installation path (demonstrated by common.php and related files). The documents do not provide remediation steps o...
CVE-2010-3701
CVE-2010-3701 affects Red Hat Enterprise MRG Messaging broker (qpidd) prior to version 1.2.2. The flaw is in lib/MessageStoreImpl.cpp where handling a very large persistent message by a remote authenticated user can exhaust stack memory, leading to a broker crash (DoS). Exploitation details: remo...
Fedora 11 : horde-3.3.6-1.fc11 (2010-5483)
Upgrade to 3.3.6 - Fixes a lot of security bugs Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 13 : horde-3.3.6-1.fc13 (2010-5563)
Upgrade to 3.3.6 - Fixes a lot of security bugs Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 12 : horde-3.3.6-1.fc12 (2010-5520)
Upgrade to 3.3.6 - Fixes a lot of security bugs Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora Update for horde FEDORA-2010-5483
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Debian DSA-1966-1 : horde3 - insufficient input sanitising
Several vulnerabilities have been found in horde3, the horde web application framework. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-3237 It has been discovered that horde3 is prone to cross-site scripting attacks via crafted number preferences o...
openSUSE Security Update : horde (horde-1947)
This update of horde fixes : - CVE-2009-3236: CVSS v2 Base Score: 5.0: Overwrite arbitrary files and execute PHP code - CVE-2009-3237: CVSS v2 Base Score: 5.0: Cross-Site Scripting XSS - CVE-2009-3701: CVSS v2 Base Score: 4.3: Cross-Site Scripting XSS - CVE-2009-4363: CVSS v2 Base Score: 4.3:...
Debian: Security Advisory (DSA-1966-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 1966-1] New horde3 packages fix cross-site scripting
------------------------------------------------------------------------ Debian Security Advisory DSA-1966-1 [email protected] http://www.debian.org/security/ Steffen Joeris January 07, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1966-1] New horde3 packages fix cross-site scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1966-1 [email protected] http://www.debian.org/security/ Steffen Joeris January 07, 2010 http://www.debian.org/security/faq -...
CVE-2009-3701
CVE-2009-3701 affects Horde Application Framework before 3.3.6, Horde Groupware before 1.2.5, and Horde Groupware Webmail Edition before 1.2.5. It enables remote XSS via PATH_INFO to admin/phpshell.php, admin/cmdshell.php, or admin/sqlshell.php, related to PHP_SELF. Impact is arbitrary script/HTM...
Horde 3.3.5 - 'PHP_SELF' Cross-Site Scripting
============================================= INTERNET SECURITY AUDITORS ALERT 2009-012 - Original release date: October 13th, 2009 - Last revised: December 16th, 2009 - Discovered by: Juan Galiana Lara - CVE ID: CVE-2009-3701 - Severity: 6.3/10 CVSS Base Score...
[ISecAuditors Security Advisories] Horde 3.3.5 "PHP_SELF" Cross-Site Scripting vulnerability
============================================= INTERNET SECURITY AUDITORS ALERT 2009-012 - Original release date: October 13th, 2009 - Last revised: December 16th, 2009 - Discovered by: Juan Galiana Lara - CVE ID: CVE-2009-3701 - Severity: 6.3/10 CVSS Base Score...