1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
Candidate: CVE-2012-0209
PublicDate: 2012-09-25
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0209
http://dev.horde.org/h/jonah/stories/view.php?channel_id=1&id=155
Description:
Horde 3.3.12, Horde Groupware 1.2.10, and Horde Groupware Webmail Edition
1.2.10, as distributed by FTP between November 2011 and February 2012,
contains an externally introduced modification (Trojan Horse) in
templates/javascript/open_calendar.js, which allows remote attackers to
execute arbitrary PHP code.
Ubuntu-Description:
Notes:
jdstrand> upstream server compromised and backdoor is found
Bugs:
Priority: high
Discovered-by:
Assigned-to:
Patches_horde3:
upstream_horde3: released (3.3.12+debian0-2)
hardy_horde3: not-affected
lucid_horde3: not-affected
maverick_horde3: not-affected
natty_horde3: not-affected
oneiric_horde3: not-affected
devel_horde3: released (3.3.12+debian0-2)
|