FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

pear-Horde_Image -- remote code execution vulnerability

Affected packages
2.0.0 <= pear-Horde_Image < 2.5.0


VuXML ID a7003121-56bf-11e7-8e66-08606e46faad
Discovery 2017-06-21
Entry 2017-06-21

Michael J Rubinsky reports:

The fist vulnerability (CVE-2017-9774) is a Remote Code Execution vulnerability and is exploitable by a logged in user sending a maliciously crafted GET request to the Horde server.


CVE Name CVE-2017-9774