Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.4
CVSSv2

CVE-2009-0932

Published: 17/03/2009 Updated: 22/09/2011
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
VMScore: 646
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Subscribe to Debian

Vulnerability Summary

Directory traversal vulnerability in framework/Image/Image.php in Horde prior to 3.2.4 and 3.3.3 and Horde Groupware prior to 1.1.5 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

debian horde 3.2.2

debian horde 3.3

debian horde groupware 1.1.1

debian horde groupware 1.1.2

debian horde 3.2

debian horde 3.2.3

debian horde groupware 1.1.3

debian horde groupware 1.1.4

debian horde 3.3.1

debian horde 3.3.2

Vendor Advisories

Debian Security Advisories: DSA-1765-1 horde3 -- Multiple vulnerabilities
Several vulnerabilities have been found in horde3, the horde web application framework The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0932 Gunnar Wrobel discovered a directory traversal vulnerability, which allows attackers to include and execute arbitrary local files via the driver parameter in Horde ...

Exploits

Exploit DB: Horde - Horde_Image::factory driver Argument Local File Inclusion
# Exploit Title: Horde Horde_Image::factory driver Argument Local File Inclusion # Google Dork: intitle:horde # Date: 10-02-2011 # Author: skysbsb # Software Link: wwwhordeorg/download/ # Version: Horde 332 # Tested on: linux # CVE : CVE-2009-0932 The original disclosure was done by Gunnar Wrobel from Horde team it was found in a code ...
Exploit DB: Horde Local File Inclusion
Horde version 332 suffers from a local file inclusion vulnerability ...

Github Repositories

https://github.com/afzalbin64/accuknox-policy-temp

accuknox-policy-temp A community-owned library of Kubernetes System and Network policies AccuKnox Templates overview Please follow the hierarchy while contribution ├── cves │ ├── network │ │ └── cnp-CVE-2009-0932yaml │ ├── system │ │ └── ksp-CVE-2021-29156yaml │ │ └── ksp-CVE-2021-29442yaml ├──

https://github.com/kubearmor/policy-templates

Community curated list of System and Network policy templates for the KubeArmor and Cilium

Policies Libraries A community-owned library of Kubernetes System and Network policies Policy Templates overview Please follow the hierarchy while contribution ├── mitre │ ├── network │ │ └── cnp-firewall-world-blockyaml │ ├── system │ │ └── ksp-postgres-allowyaml │ │ └── ksp-privilage-pod-blockyaml â

References

CWE-22http://cvs.horde.org/co.php/groupware/docs/groupware/CHANGES?r=1.28.2.5http://secunia.com/advisories/33695http://lists.horde.org/archives/announce/2009/000482.htmlhttp://cvs.horde.org/co.php/horde/docs/CHANGES?r=1.515.2.413.2.5http://cvs.horde.org/co.php/horde/docs/CHANGES?r=1.515.2.503http://lists.horde.org/archives/announce/2009/000483.htmlhttp://www.securityfocus.com/bid/33491http://lists.horde.org/archives/announce/2009/000486.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.htmlhttp://secunia.com/advisories/34418http://secunia.com/advisories/34609http://securityreason.com/securityalert/8077https://nvd.nist.govhttps://www.debian.org/security/./dsa-1765https://www.exploit-db.com/exploits/16154/https://github.com/kubearmor/policy-templates
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereferenceCVE-2023-52689CVE-2024-23803client sideCVE-2023-52696information disclosureCVE-2024-35843CVE-2024-27130CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook