FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

pear-Horde_Image -- remote code execution vulnerability

Affected packages
2.0.0 <= pear-Horde_Image < 2.5.0

Details

VuXML ID a7003121-56bf-11e7-8e66-08606e46faad
Discovery 2017-06-21
Entry 2017-06-21

Michael J Rubinsky reports:

The fist vulnerability (CVE-2017-9774) is a Remote Code Execution vulnerability and is exploitable by a logged in user sending a maliciously crafted GET request to the Horde server.

[source]

References

CVE Name CVE-2017-9774
URL https://lists.horde.org/archives/announce/2017/001234.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.