Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveDebianCVE-2012-0209
HistorySep 25, 2012 - 10:55 p.m.

CVE-2012-0209

2012-09-2522:55:00
CWE-94
debian
web.nvd.nist.gov
116
cve-2012-0209
horde
groupware
webmail
ftp
remote code execution
trojan horse
nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

Low

EPSS

0.607

Percentile

97.8%

JSON

Horde 3.3.12, Horde Groupware 1.2.10, and Horde Groupware Webmail Edition 1.2.10, as distributed by FTP between November 2011 and February 2012, contains an externally introduced modification (Trojan Horse) in templates/javascript/open_calendar.js, which allows remote attackers to execute arbitrary PHP code.

Affected configurations

Nvd
Node
hordegroupwareMatch1.2.10
OR
hordegroupwareMatch1.2.10webmail
OR
hordehordeMatch3.3.12
VendorProductVersionCPE
hordegroupware1.2.10cpe:2.3:a:horde:groupware:1.2.10:*:*:*:*:*:*:*
hordegroupware1.2.10cpe:2.3:a:horde:groupware:1.2.10:*:webmail:*:*:*:*:*
hordehorde3.3.12cpe:2.3:a:horde:horde:3.3.12:*:*:*:*:*:*:*

Related

zdt 1
cvelist 1
seebug 1
nvd 1
openvas 2
checkpoint_advisories 1
metasploit 1
prion 1
ubuntucve 1
d2 1
nessus 1
exploitdb 1
packetstorm 1
dsquare 1
zdt
zdt
Horde 3.3.12 Backdoor Arbitrary PHP Code Execution
2012-02-17 00:00:00
cvelist
cvelist
CVE-2012-0209
2012-09-25 22:00:00
seebug
seebug
Horde 3.3.12 Backdoor Arbitrary PHP Code Execution
2014-07-01 00:00:00
nvd
nvd
CVE-2012-0209
2012-09-25 22:55:00
openvas
openvas
Horde Groupware Source Packages Backdoor Vulnerability
2012-02-16 00:00:00
Horde Groupware Source Packages Backdoor Vulnerability
2012-02-16 00:00:00
checkpoint_advisories
checkpoint_advisories
Horde FTP Server Backdoor Arbitrary PHP Code Execution (CVE-2012-0209)
2012-12-23 00:00:00
metasploit
metasploit
Horde 3.3.12 Backdoor Arbitrary PHP Code Execution
2012-02-16 09:10:55
prion
prion
Code injection
2012-09-25 22:55:00
ubuntucve
ubuntucve
CVE-2012-0209
2012-09-25 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_HORDE_BACKDOOR
2012-09-25 22:55:00
nessus
nessus
Horde 3.3.12 open_calendar.js Backdoor
2012-02-17 00:00:00
exploitdb
exploitdb
Horde 3.3.12 - Backdoor Arbitrary PHP Code Execution (Metasploit)
2012-02-17 00:00:00
packetstorm
packetstorm
Horde 3.3.12 Backdoor Arbitrary PHP Code Execution
2012-02-17 00:00:00
dsquare
dsquare
Horde RCE
2012-02-15 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

Low

EPSS

0.607

Percentile

97.8%

JSON
Related for CVE-2012-0209
zdt1cvelist1seebug1nvd1openvas2checkpoint_advisories1metasploit1prion1ubuntucve1d21nessus1exploitdb1packetstorm1dsquare1