CVE-2009-4824

NameCVE-2009-4824
DescriptionUnspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab Server before 2.2.3 allows attackers to have an unspecified impact via vectors related to an "image upload form."
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)
ReferencesDSA-1897-1

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
horde3sourceetch3.1.3-4etch6DSA-1897-1
horde3sourcelenny3.2.2+debian0-2+lenny1DSA-1897-1
horde3source(unstable)3.3.5+debian0-1
kolab-webclientsource(unstable)undetermined

Notes

package only in experimental; claimed fixed in version 20091202, but not enough info to check
http://kolab.org/cgi-bin/viewcvs-kolab.cgi/*checkout*/server/patches/horde-webmail/1.2.0/tg/Attic/t_framework_H_JS_Form_FixFormSecurityForImageUploads.diff?rev=1.1.2.1&only_with_tag=kolab_2_2_branch

Search for package or bug name: Reporting problems