CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 1CVE-2022-26874
https://notcve.org/view.php?id=CVE-2022-26874
lib/Horde/Mime/Viewer/Ooo.php in Horde Mime_Viewer before 2.2.4 allows XSS via an OpenOffice document, leading to account takeover in Horde Groupware Webmail Edition. This occurs after XSLT rendering. el archivo lib/Horde/Mime/Viewer/Ooo.php en Horde Mime_Viewer versiones anteriores a 2.2.4, permite un ataque de tipo XSS por medio de un documento de OpenOffice, conllevando a la toma de posesión de la cuenta en Horde Groupware Webmail Edition. Esto ocurre después de la renderización de XSLT • https://blog.sonarsource.com/horde-webmail-account-takeover-via-email https://github.com/horde/Mime_Viewer/commit/02b46cec1a7e8f1a6835b628850cd56b85963bb5 https://lists.debian.org/debian-lts-announce/2022/06/msg00007.html https://lists.debian.org/debian-lts-announce/2022/08/msg00021.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2CVE-2020-8866 – Horde Groupware Webmail Edition add Page Unrestricted File Upload Arbitrary File Creation Vulnerability
https://notcve.org/view.php?id=CVE-2020-8866
This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within add.php. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the www-data user. • https://www.exploit-db.com/exploits/48210 https://www.exploit-db.com/exploits/48209 https://lists.debian.org/debian-lts-announce/2020/03/msg00036.html https://lists.horde.org/archives/announce/2020/001288.html https://www.zerodayinitiative.com/advisories/ZDI-20-275 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.9EPSS: 0%CPEs: 12EXPL: 1CVE-2017-17688
https://notcve.org/view.php?id=CVE-2017-17688
The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an obsolete packet type, not a problem in the OpenPGP specification ** EN DISPUTA ** La especificación OpenPGP permite un ataque malleability-gadget Cipher Feedback Mode (CFB) que puede conducir indirectamente a la exfiltración en texto plano. Esto también se conoce como EFAIL. NOTA: terceros indican que este es un problema en aplicaciones que gestionan de manera incorrecta la característica de Modification Detection Code (MDC) o que afectan un tipo de paquete obsoleto, en lugar de un problema en la especificación OpenPGP. • http://flaked.sockpuppet.org/2018/05/16/a-unified-timeline.html http://www.securityfocus.com/bid/104162 http://www.securitytracker.com/id/1040904 https://efail.de https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060334.html https://news.ycombinator.com/item?id=17066419 https://protonmail.com/blog/pgp-vulnerability-efail https://twitter.com/matthew_d_green/status/995996706457243648 https://www.patreon.com/posts/cybersecurity-15-18814817 https://www.synology.com/support/security&#x •
CVSS: 5.9EPSS: 0%CPEs: 21EXPL: 1CVE-2017-17689
https://notcve.org/view.php?id=CVE-2017-17689
The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. La especificación S/MIME permite un ataque malleability-gadget Cipher Block Chaining (CBC) que puede conducir indirectamente a la exfiltración en texto plano. Esto también se conoce como EFAIL. • http://www.securityfocus.com/bid/104165 https://efail.de https://news.ycombinator.com/item?id=17066419 https://pastebin.com/gNCc8aYm https://twitter.com/matthew_d_green/status/996371541591019520 https://www.synology.com/support/security/Synology_SA_18_22 •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2014-3999
https://notcve.org/view.php?id=CVE-2014-3999
The Horde_Ldap library before 2.0.6 for Horde allows remote attackers to bypass authentication by leveraging knowledge of the LDAP bind user DN. La biblioteca Horde_Ldap en versiones anteriores a la 2.0.6 para Horde permite que atacantes remotos omitan la autenticación aprovechando el conocimiento del DN del usuario bind LDAP. • http://www.openwall.com/lists/oss-security/2014/06/14/1 http://www.securityfocus.com/bid/68014 https://bugzilla.redhat.com/show_bug.cgi?id=1109628 https://github.com/horde/horde/commit/4c3e18f1724ab39bfef10c189a5b52036a744d55 https://marc.info/?l=horde-announce&m=140178644816474&w=2 • CWE-287: Improper Authentication •