Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2009-0932
HistoryMar 17, 2009 - 9:30 p.m.

CVE-2009-0932

2009-03-1721:30:00
CWE-22
mitre
web.nvd.nist.gov
78
4
cve-2009-0932
directory traversal
vulnerability
security
horde
nvd

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

AI Score

7.6

Confidence

High

EPSS

0.04

Percentile

92.1%

JSON

Directory traversal vulnerability in framework/Image/Image.php in Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.

Affected configurations

Nvd
Node
debianhordeMatch3.2
OR
debianhordeMatch3.2.2
OR
debianhordeMatch3.2.3
OR
debianhordeMatch3.3
OR
debianhordeMatch3.3.1
OR
debianhordeMatch3.3.2
OR
debianhorde_groupwareMatch1.1.1
OR
debianhorde_groupwareMatch1.1.2
OR
debianhorde_groupwareMatch1.1.3
OR
debianhorde_groupwareMatch1.1.4
VendorProductVersionCPE
debianhorde3.2cpe:2.3:a:debian:horde:3.2:*:*:*:*:*:*:*
debianhorde3.2.2cpe:2.3:a:debian:horde:3.2.2:*:*:*:*:*:*:*
debianhorde3.2.3cpe:2.3:a:debian:horde:3.2.3:*:*:*:*:*:*:*
debianhorde3.3cpe:2.3:a:debian:horde:3.3:*:*:*:*:*:*:*
debianhorde3.3.1cpe:2.3:a:debian:horde:3.3.1:*:*:*:*:*:*:*
debianhorde3.3.2cpe:2.3:a:debian:horde:3.3.2:*:*:*:*:*:*:*
debianhorde_groupware1.1.1cpe:2.3:a:debian:horde_groupware:1.1.1:*:*:*:*:*:*:*
debianhorde_groupware1.1.2cpe:2.3:a:debian:horde_groupware:1.1.2:*:*:*:*:*:*:*
debianhorde_groupware1.1.3cpe:2.3:a:debian:horde_groupware:1.1.3:*:*:*:*:*:*:*
debianhorde_groupware1.1.4cpe:2.3:a:debian:horde_groupware:1.1.4:*:*:*:*:*:*:*

Social References

More

Related

nuclei 1
openvas 14
cvelist 1
seebug 2
d2 1
zdt 1
exploitpack 1
exploitdb 1
packetstorm 1
ubuntucve 1
nessus 8
dsquare 1
prion 1
nvd 1
debian 2
osv 1
securityvulns 1
gentoo 1
fedora 3
nuclei
nuclei
Horde/Horde Groupware - Local File Inclusion
2021-07-27 05:32:32
openvas
openvas
Horde Products Local File Include and XSS Vulnerabilities
2009-04-10 00:00:00
Horde Products Local File Inclusion Vulnerability
2011-02-17 00:00:00
Horde Products Local File Inclusion Vulnerability
2011-02-17 00:00:00
cvelist
cvelist
CVE-2009-0932
2009-03-17 21:00:00
seebug
seebug
Horde Horde_Image::factory driver Argument Local File Inclusion
2014-07-01 00:00:00
HordeδΊ§ε“ζœ¬εœ°ζ–‡δ»ΆεŒ…ε«ε’Œθ·¨η«™θ„šζœ¬ζΌζ΄ž
2009-03-19 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_HORDE
2009-03-17 21:30:00
zdt
zdt
Horde Horde_Image::factory driver Argument Local File Inclusion
2011-02-12 00:00:00
exploitpack
exploitpack
Horde - Horde_Image::factory driver Argument Local File Inclusion
2011-02-11 00:00:00
exploitdb
exploitdb
Horde - Horde_Image::factory driver Argument Local File Inclusion
2011-02-11 00:00:00
packetstorm
packetstorm
Horde Local File Inclusion
2011-02-11 00:00:00
ubuntucve
ubuntucve
CVE-2009-0932
2009-03-17 00:00:00
nessus
nessus
Horde Horde_Image::factory driver Argument Local File Inclusion
2009-01-29 00:00:00
openSUSE 10 Security Update : horde (horde-6099)
2009-03-24 00:00:00
openSUSE Security Update : horde (horde-657)
2009-07-21 00:00:00
dsquare
dsquare
Horde < 3.3.2 LFI
2012-02-01 00:00:00
prion
prion
Directory traversal
2009-03-17 21:30:00
nvd
nvd
CVE-2009-0932
2009-03-17 21:30:00
debian
debian
[SECURITY] [DSA 1765-1] New horde3 packages fix several vulnerabilities
2009-04-08 13:22:34
[SECURITY] [DSA 1765-1] New horde3 packages fix several vulnerabilities
2009-04-08 13:22:34
osv
osv
horde3 - several vulnerabilities
2009-04-08 00:00:00
securityvulns
securityvulns
Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2009-04-10 00:00:00
gentoo
gentoo
Horde: Multiple vulnerabilities
2009-09-12 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: horde-3.3.6-1.fc11
2010-04-01 01:40:32
[SECURITY] Fedora 13 Update: horde-3.3.6-1.fc13
2010-04-01 17:20:56
[SECURITY] Fedora 12 Update: horde-3.3.6-1.fc12
2010-04-01 01:51:02

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

AI Score

7.6

Confidence

High

EPSS

0.04

Percentile

92.1%

JSON
Related for CVE-2009-0932
nuclei1openvas14cvelist1seebug2d21zdt1exploitpack1exploitdb1packetstorm1ubuntucve1nessus8dsquare1prion1nvd1debian2osv1securityvulns1gentoo1fedora3