[VIM] Recent Horde vuln..
security curmudgeon
jericho at attrition.org
Thu Sep 17 19:07:24 UTC 2009
OSVDB 58107 / Secunia 36665 / (think Steve made CVE last night?)
http://twitter.com/i0n1c/statuses/4004670780
i0n1c Horde released a security update today with my vulnerability in
it.Release announcement downplays the impact of the arbitrary file overwrite
Stefan Esser about 4h ago via Nambu
http://twitter.com/i0n1c/statuses/4004707181
i0n1c In any Horde application using image fileupload form field it is possible
to upload/overwrite arbitrary files = arbitrary PHP code execution
Stefan Esser about 4h ago via Nambu
More information about the VIM
mailing list