CVE-2004-0016

NameCVE-2004-0016
DescriptionThe calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allows remote attackers to create and execute PHP files.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-419
NVD severityhigh (attack range: remote)

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
phpgroupwaresource(unstable)0.9.14.007-4high
phpgroupwaresourcewoody0.9.14-0.RC3.2.woody3highDSA-419

Search for package or bug name: Reporting problems