NVD

Id
48244  
Name
CVE-2009-0932  
Description
Directory traversal vulnerability in framework/Image/Image.php in Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.  
Reject
 
CVSS Version
2  
CVSS Score
6.4  
Severity
Medium  
CVSS Base Score
6.4  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:N)  
Pub Date
2017-01-07  
Published
2009-03-17  
Modified Date
2011-09-21  
Seq
2009-0932  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
242536 48244 CVE-2009-0932 http://cvs.horde.org/co.php/groupware/docs/groupware/CHANGES?r=1.28.2.5  View
242537 48244 CVE-2009-0932 http://cvs.horde.org/co.php/horde/docs/CHANGES?r=1.515.2.413.2.5  View
242538 48244 CVE-2009-0932 http://cvs.horde.org/co.php/horde/docs/CHANGES?r=1.515.2.503  View
242539 48244 CVE-2009-0932 [announce] 20090127 Horde 3.3.3 (final)  View
242540 48244 CVE-2009-0932 [announce] 20090127 Horde 3.2.4 (final)  View
242541 48244 CVE-2009-0932 [announce] 20090127 Horde Groupware 1.1.5 (final)  View
242542 48244 CVE-2009-0932 SUSE-SR:2009:007  View
242543 48244 CVE-2009-0932 8077  View
242544 48244 CVE-2009-0932 33491  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
40447 JVNDB-2009-001453 Horde および Horde Groupware に含まれる framework/Image/Image.php におけるディレクトリトラバーサルの脆弱性 Horde および Horde Groupware に含まれる framework/Image/Image.php には、ディレクトリトラバーサルの脆弱性が存在します。 CVE-2009-0932 38363 CVE-2009-0932 48244 6.4 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001453.html 2009-03-17 2009-06-30 View