FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-23 14:57:51 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
00e4050b-56c1-11e7-8e66-08606e46faadpear-Horde_Image -- DoS vulnerability

Michael J Rubinsky reports:

The second vulnerability (CVE-2017-9773) is a DOS vulnerability. This only affects Horde installations that do not have a configured image handling backend, and thus use the "Null" image driver. It is exploitable by a logged in user clicking on a maliciously crafted URL.


Discovery 2017-06-21
Entry 2017-06-21
pear-Horde_Image
gt 2.3.0 lt 2.5.0

https://lists.horde.org/archives/announce/2017/001234.html
CVE-2017-9773
a7003121-56bf-11e7-8e66-08606e46faadpear-Horde_Image -- remote code execution vulnerability

Michael J Rubinsky reports:

The fist vulnerability (CVE-2017-9774) is a Remote Code Execution vulnerability and is exploitable by a logged in user sending a maliciously crafted GET request to the Horde server.


Discovery 2017-06-21
Entry 2017-06-21
pear-Horde_Image
ge 2.0.0 lt 2.5.0

https://lists.horde.org/archives/announce/2017/001234.html
CVE-2017-9774