Information on source package horde3

Available versions

ReleaseVersion
squeeze, squeeze3.3.8+debian0-3

Open issues

BugsqueezeDescription
CVE-2012-0909vulnerableCross-site scripting (XSS) vulnerability in Horde_Form in Horde ...
CVE-2012-6640vulnerableCross-site scripting (XSS) vulnerability in Horde Internet Mail ...
CVE-2013-6365vulnerableCSRF edit.php

Open unimportant issues

BugsqueezeDescription
CVE-2010-1638vulnerableThe IMP plugin in Horde allows remote attackers to bypass firewall ...

Resolved issues

BugDescription
CVE-2005-0378Multiple cross-site scripting (XSS) vulnerabilities in Horde 3.0 allow ...
CVE-2005-0961Cross-site scripting (XSS) vulnerability in Horde 3.0.4 before ...
CVE-2005-1921Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka ...
CVE-2005-3344The default installation of Horde 3.0.4 contains an administrative ...
CVE-2005-3759Multiple cross-site scripting (XSS) vulnerabilities in Horde before ...
CVE-2005-4190Multiple cross-site scripting (XSS) vulnerabilities in Horde ...
CVE-2006-1260Horde Application Framework 3.0.9 allows remote attackers to read ...
CVE-2006-1491Eval injection vulnerability in Horde Application Framework versions ...
CVE-2006-2195Cross-site scripting (XSS) vulnerability in horde 3 (horde3) before ...
CVE-2006-3548Multiple cross-site scripting (XSS) vulnerabilities in Horde ...
CVE-2006-3549services/go.php in Horde Application Framework 3.0.0 through 3.0.10 ...
CVE-2006-4256index.php in Horde Application Framework before 3.1.2 allows remote ...
CVE-2007-1473Cross-site scripting (XSS) vulnerability in framework/NLS/NLS.php in ...
CVE-2007-1474Argument injection vulnerability in the cleanup cron script in Horde ...
CVE-2007-6018IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and Horde ...
CVE-2008-1284Directory traversal vulnerability in Horde 3.1.6, Groupware before ...
CVE-2008-2783Multiple cross-site scripting (XSS) vulnerabilities in Horde ...
CVE-2008-3330Cross-site scripting (XSS) vulnerability in ...
CVE-2008-3650Multiple unspecified vulnerabilities in Horde Groupware Webmail before ...
CVE-2008-3823Cross-site scripting (XSS) vulnerability in MIME/MIME/Contents.php in ...
CVE-2008-3824Cross-site scripting (XSS) vulnerability in (1) ...
CVE-2008-5917Cross-site scripting (XSS) vulnerability in the XSS filter ...
CVE-2008-7218Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 ...
CVE-2009-0931Cross-site scripting (XSS) vulnerability in the tag cloud search ...
CVE-2009-0932Directory traversal vulnerability in framework/Image/Image.php in ...
CVE-2009-3236The form library in Horde Application Framework 3.2 before 3.2.5 and ...
CVE-2009-3237Multiple cross-site scripting (XSS) vulnerabilities in Horde ...
CVE-2009-3701Multiple cross-site scripting (XSS) vulnerabilities in the ...
CVE-2009-4363Text_Filter/lib/Horde/Text/Filter/Xss.php in Horde Application ...
CVE-2009-4824Unspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab ...
CVE-2010-1916The dynamic configuration feature in Xinha WYSIWYG editor 0.96 Beta 2 ...
CVE-2010-3077Cross-site scripting (XSS) vulnerability in util/icon_browser.php in ...
CVE-2010-3694Cross-site request forgery (CSRF) vulnerability in the Horde ...
CVE-2012-0209Horde 3.3.12, Horde Groupware 1.2.10, and Horde Groupware Webmail ...
CVE-2014-1691The framework/Util/lib/Horde/Variables.php script in the Util library ...

Security announcements

DSADescription
DSA-2853-1horde3 - Remote code execution
DSA-2278-1horde3 - several
DSA-1966-1horde3 - cross-site scripting
DSA-1966-1horde3 - cross-site scripting
DSA-1897-1horde3 - arbitrary code execution
DSA-1897-1horde3 - arbitrary code execution
DSA-1765-1horde3 - several vulnerabilities
DSA-1642-1horde3 - cross site scripting
DSA-1519-1horde3 - information disclosure
DSA-1519-1horde3 - information disclosure
DSA-1470-1horde3 - missing input sanitising
DSA-1470-1horde3 - missing input sanitising
DSA-1406-1horde3 - several vulnerabilities
DSA-1406-1horde3 - several vulnerabilities
DSA-1098-1- horde3 - missing input sanitising
DSA-1033-1horde3 - several vulnerabilities
DSA-909-1horde3 - missing input sanitising
DSA-884-1horde3 - design error

Search for package or bug name: Reporting problems

Home - Testing Security Team - Debian Security - Source (SVN)