CVE-2012-0209

NameCVE-2012-0209
DescriptionHorde 3.3.12, Horde Groupware 1.2.10, and Horde Groupware Webmail Edition 1.2.10, as distributed by FTP between November 2011 and February 2012, contains an externally introduced modification (Trojan Horse) in templates/javascript/open_calendar.js, which allows remote attackers to execute arbitrary PHP code.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs660077

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
horde3sourcelenny(not affected)
horde3sourcesqueeze(not affected)
horde3source(unstable)3.3.12+debian0-2660077

Notes

[squeeze] - horde3 <not-affected> (Introduced in 3.3.12)
[lenny] - horde3 <not-affected> (Introduced in 3.3.12)

Search for package or bug name: Reporting problems