Horde.Backdoor.Arbitrary.PHP.Code.Execution
Description
This indicates an attempt to exploit a remote Code Execution vulnerability in Horde Framework.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. Remote attackers may be able to exploit this to execute arbitrary code on remote systems by including PHP sequences in certain parameters.
Affected Products
Horde 3.3.12 and Horde Groupware 1.2.10
Impact
System compromise: remote PHP code execution.
Recommended Actions
Apply patch available from the website.
http://dev.horde.org/h/jonah/stories/view.php?channel_id=1&id=155
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |