CVE-2012-0209

{"id": "CVE-2012-0209", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-09-25T22:55:00.753", "references": [{"url": "http://dev.horde.org/h/jonah/stories/view.php?channel_id=1&id=155", "tags": ["Exploit", "Patch", "Vendor Advisory"], "source": "security@debian.org"}, {"url": "http://eromang.zataz.com/2012/02/15/cve-2012-0209-horde-backdoor-analysis/", "tags": ["Exploit"], "source": "security@debian.org"}, {"url": "http://lists.horde.org/archives/announce/2012/000751.html", "tags": ["Exploit", "Patch"], "source": "security@debian.org"}, {"url": "http://packetstormsecurity.org/files/109874/Horde-3.3.12-Backdoor-Arbitrary-PHP-Code-Execution.html", "tags": ["Exploit"], "source": "security@debian.org"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=790877", "tags": ["Patch"], "source": "security@debian.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "Horde 3.3.12, Horde Groupware 1.2.10, and Horde Groupware Webmail Edition 1.2.10, as distributed by FTP between November 2011 and February 2012, contains an externally introduced modification (Trojan Horse) in templates/javascript/open_calendar.js, which allows remote attackers to execute arbitrary PHP code."}, {"lang": "es", "value": "Horde v3.3.12, Horde Groupware v1.2.10, y Horde Groupware Webmail Edition v1.2.10, como el distribuido por FTP entre noviembre del 2011 y febrero del 2012, contiene unas modificaciones introducidas externamente (troyano) en templates/javascript/open_calendar.js, lo que permite a atacantes remotos ejecutar c\u00f3digo PHP."}], "lastModified": "2012-09-26T04:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:horde:groupware:1.2.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "121E4B35-373A-4CB8-8F07-15DF6A561A57"}, {"criteria": "cpe:2.3:a:horde:groupware:1.2.10:*:webmail:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B058CCB-D628-4919-A07B-E9699325289F"}, {"criteria": "cpe:2.3:a:horde:horde:3.3.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2EA3564-82E2-4FD8-AA0C-F508254E389A"}], "operator": "OR"}]}], "sourceIdentifier": "security@debian.org"}