Lucene search
K

5 matches found

Debian
Debian
added 2018/06/27 4:20 p.m.11 views

[SECURITY] [DLA 1398-1] php-horde-crypt security update

Package : php-horde-crypt Version : 2.5.0-5+deb8u1 CVE ID : CVE-2017-7413 CVE-2017-7414 Debian Bug : 859635 It was discovered that in Horde-Crypt, a cryptographic library and part of the PHP Horde framework, a command injection was possible when a Horde user used the PGP features to view an...

9CVSS8.8AI score0.40447EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/04/13 12:0 a.m.21 views

Fedora 24 : php-horde-Horde-Crypt (2017-e2a3e6fa12)

HordeCrypt 2.7.6 - mjr SECURITY: Fix remote code execution vulnerability CVE-2017-7413, and CVE-2017-7414. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as...

9CVSS8.4AI score0.40447EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/04/13 12:0 a.m.47 views

Fedora 25 : php-horde-Horde-Crypt (2017-ed4c9b605b)

HordeCrypt 2.7.6 - mjr SECURITY: Fix remote code execution vulnerability CVE-2017-7413, and CVE-2017-7414. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as...

9CVSS8.4AI score0.40447EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2017/04/13 12:0 a.m.17 views

Fedora Update for php-horde-Horde-Crypt FEDORA-2017-ed4c9b605b

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8.2AI score0.40447EPSS
Exploits0References2
CVE
CVE
added 2017/04/04 2:0 p.m.65 views

CVE-2017-7414

In Horde_Crypt (PHP Horde) prior to 2.7.6, used in Horde Groupware Webmail Edition 5.x–5.2.17, a crafted PGP-signed email can trigger OS command injection when the recipient views or previews the message. The vulnerability arises when PGP features are enabled and “Should PGP signed messages be au...

7.5CVSS8AI score0.01249EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder