[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-1491Date: (C)2006-03-29   (M)2023-12-22


Eval injection vulnerability in Horde Application Framework versions 3.0 before 3.0.10 and 3.1 before 3.1.1 allows remote attackers to execute arbitrary code via the help viewer.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1015841
BID-17292
SECUNIA-19485
SECUNIA-19504
SECUNIA-19528
SECUNIA-19619
SECUNIA-19692
http://www.attrition.org/pipermail/vim/2006-March/000671.html
ADV-2006-1154
DSA-1033
DSA-1034
GLSA-200604-02
SUSE-SR:2006:007
horde-help-viewer-command-execution(25516)
http://cvs.horde.org/diff.php?f=horde%2Fservices%2Fhelp%2Findex.php&r1=2.85&r2=2.86
http://lists.horde.org/archives/announce/2006/000271.html
http://lists.horde.org/archives/announce/2006/000272.html

CWE    1
CWE-94

© SecPod Technologies