Linux Distros Unpatched Vulnerability : CVE-2017-9774

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Remote Code Execution was found in HordeImage 2.x before 2.5.0 via a crafted GET request. Exploitation requires authentication. CVE-2017-9774 Note that Nessus...

[SECURITY] [DSA 4276-1] php-horde-image security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4276-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 17, 2018 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4276-1] php-horde-image security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4276-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 17, 2018 https://www.debian.org/security/faq -...

[SECURITY] [DLA 1395-1] php-horde-image security update

Package : php-horde-image Version : 2.1.0-4+deb8u1 CVE IDs : CVE-2017-9774 CVE-2017-14650 Debian Bugs : 865505 876400 It was discovered that there were two remote code execution vulnerabilities in php-horde-image, the image processing library for the Horde https://www.horde.org/ groupware tool:...

Fedora Update for php-horde-Horde-Image FEDORA-2017-299525e757

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 24 : php-horde-Horde-Image (2017-299525e757)

HordeImage 2.5.1 - mjr SECURITY: Fix more potential places for command injections. ---- HordeImage 2.5.0 - mjr SECURITY: Prevent DOS attack by preventing an infinite loop in certain conditions CVE-2017-9773, reported by Fariskhi Vidyan. - mjr SECURITY: Prevent RCE attacks by properly sanitizing...

Fedora Update for php-horde-Horde-Image FEDORA-2017-6f7d6fbccc

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 25 : php-horde-Horde-Image (2017-6f7d6fbccc)

HordeImage 2.5.1 - mjr SECURITY: Fix more potential places for command injections. ---- HordeImage 2.5.0 - mjr SECURITY: Prevent DOS attack by preventing an infinite loop in certain conditions CVE-2017-9773, reported by Fariskhi Vidyan. - mjr SECURITY: Prevent RCE attacks by properly sanitizing...

CVE-2017-9774

Remote Code Execution was found in HordeImage 2.x before 2.5.0 via a crafted GET request. Exploitation requires authentication...

UBUNTU-CVE-2017-9774

Remote Code Execution was found in HordeImage 2.x before 2.5.0 via a crafted GET request. Exploitation requires authentication...

CVE-2017-9774

CVE-2017-9774 affects Horde_Image, with RCE in 2.x prior to 2.5.0. Exploitation requires a logged‑in user via a crafted GET request. Upstream fix is 2.5.0+. Debian notes fixes in 2.1.0-4+deb8u1 (Jessie) and 2.3.6-1+deb9u1 (Stretch); other advisories map to the same CVE set. Monitor for patches an...