CVE-2006-1491 Information
Description
Eval injection vulnerability in Horde Application Framework versions 3.0 before 3.0.10 and 3.1 before 3.1.1 allows remote attackers to execute arbitrary code via the help viewer.
Reference
http://cvs.horde.org/diff.php?f=horde2Fservices2Fhelp2Findex.php&r1=2.85&r2=2.86 http://lists.horde.org/archives/announce/2006/000271.html http://lists.horde.org/archives/announce/2006/000272.html http://secunia.com/advisories/19485 http://secunia.com/advisories/19504 http://secunia.com/advisories/19528 http://secunia.com/advisories/19619 http://secunia.com/advisories/19692 http://securitytracker.com/id?1015841 http://www.attrition.org/pipermail/vim/2006-March/000671.html http://www.debian.org/security/2006/dsa-1033 http://www.debian.org/security/2006/dsa-1034 http://www.gentoo.org/security/en/glsa/glsa-200604-02.xml http://www.novell.com/linux/security/advisories/2006_07_sr.html http://www.securityfocus.com/bid/17292 http://www.vupen.com/english/advisories/2006/1154 https://exchange.xforce.ibmcloud.com/vulnerabilities/25516
Share on: