CVE-2012-0209

Horde 3.3.12, Horde Groupware 1.2.10, and Horde Groupware Webmail Edition 1.2.10, as distributed by FTP between November 2011 and February 2012, contains an externally introduced modification (Trojan Horse) in templates/javascript/open_calendar.js, which allows remote attackers to execute arbitrary PHP code.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:horde:groupware:1.2.10:*:*:*:*:*:*:*
cpe:2.3:a:horde:groupware:1.2.10:*:webmail:*:*:*:*:*
cpe:2.3:a:horde:horde:3.3.12:*:*:*:*:*:*:*

History

No history.

Information

Published : 2012-09-25 22:55

Updated : 2024-02-04 18:16


NVD link : CVE-2012-0209

Mitre link : CVE-2012-0209

CVE.ORG link : CVE-2012-0209


JSON object : View

Products Affected

horde

  • horde
  • groupware
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')