PT-2024-9963 · Unknown · Express Web Client

Name of the Vulnerable Software and Affected Versions: eXpress web client affected versions not specified Description: The issue is caused by insufficient protection of the web page structure in the document viewer library of the eXpress web client. This allows a remote attacker to execute...

Debian dla-3924 : php-horde-mime-viewer - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-3924 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3924-1 [email protected] https://www.debian.org/lts/security/...

The vulnerability of the IW44EncodeCodec.cpp component in the viewer library, which is used for viewing, creating, and editing DjVu files, related to division by zero. This vulnerability allows an attacker to cause a service failure.

The vulnerability of the IW44EncodeCodec.cpp component in the viewer, editor, and DjVu-file creation library associated with DjVuLibre is related to the lack of checks for division by zero. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

Horde Groupware Webmail <= 5.2.22 XSS Vulnerability - Linux

Horde Groupware Webmail is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2021-43209

3D Viewer Remote Code Execution Vulnerability...

DEBIAN-CVE-2018-17481

Incorrect object lifecycle handling in PDFium in Google Chrome prior to 71.0.3578.98 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file...

GLSA-200911-01 : Horde: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200911-01 Horde: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Horde: Stefan Esser of Sektion1 reported an error within the form library when handling image form fields CVE-2009-3236. Martin Geisler and...

CVE-2009-3237

Multiple cross-site scripting XSS vulnerabilities in Horde Application Framework 3.2 before 3.2.5 and 3.3 before 3.3.5; Groupware 1.1 before 1.1.6 and 1.2 before 1.2.4; and Groupware Webmail Edition 1.1 before 1.1.6 and 1.2 before 1.2.4; allow remote attackers to inject arbitrary web script or HT...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Horde Application Framework 3.2 before 3.2.5 and 3.3 before 3.3.5; Groupware 1.1 before 1.1.6 and 1.2 before 1.2.4; and Groupware Webmail Edition 1.1 before 1.1.6 and 1.2 before 1.2.4; allow remote attackers to inject arbitrary web script or HT...

FreeBSD : horde-base -- multiple vulnerabilities (ee23aa09-a175-11de-96c0-0011098ad87f)

The Horde team reports : An error within the form library when handling image form fields can be exploited to overwrite arbitrary local files. An error exists within the MIME Viewer library when rendering unknown text parts. This can be exploited to execute arbitrary HTML and script code in a...

horde-base -- multiple vulnerabilities

The Horde team reports: An error within the form library when handling image form fields can be exploited to overwrite arbitrary local files. An error exists within the MIME Viewer library when rendering unknown text parts. This can be exploited to execute arbitrary HTML and script code in a user...

DEBIAN-CVE-2006-4513

Multiple integer overflows in the WV library in wvWare formerly mswordview before 1.2.3, as used by AbiWord, KWord, and possibly other products, allow user-assisted remote attackers to execute arbitrary code via a crafted Microsoft Word DOC file that produces 1 large LFO clfolvl values in the...