In association with heise online

15 September 2009, 10:59

Horde vulnerabilities fixed

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Horde logo New versions of the Horde Application Framework, Horde Groupware and various other Horde applications fix two cross-site scripting (XSS) vulnerabilities and one vulnerability which allows files to be overwritten. The latter only arises under specific circumstances and allows access to the file system with the web server's privileges only. In addition, attackers must have write permissions to the relevant application.

A complete overview of the updated Horde applications and the bugs fixed in the new releases can be found on the horde-announce mailing list.

See also:

(crve)

Print Version | Send by email | Permalink: http://h-online.com/-768083
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit