This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:horde:groupware
Detail
VendorHordeFirst view 2007-01-30
ProductGroupwareLast view 2012-09-25
VersionTypeApplication
Edition 
Language 
Update 

Activity : Yearly

COMMON PLATFORM ENUMERATION : Repartition per Version

CPE NameAffected CVE
cpe:/a:horde:groupware:1.2.6::webmail3
cpe:/a:horde:groupware:1.2.5::webmail3
cpe:/a:horde:groupware:1.2.42
cpe:/a:horde:groupware:1.2.4::webmail5
cpe:/a:horde:groupware:1.2.3:rc1:webmail7
Hide | Show 49 More...
CPE NameAffected CVE
cpe:/a:horde:groupware:1.2.33
cpe:/a:horde:groupware:1.2.3::webmail7
cpe:/a:horde:groupware:1.2.23
cpe:/a:horde:groupware:1.2.2::webmail7
cpe:/a:horde:groupware:1.2.101
cpe:/a:horde:groupware:1.2.10::webmail1
cpe:/a:horde:groupware:1.2.13
cpe:/a:horde:groupware:1.2.1::webmail7
cpe:/a:horde:groupware:1.23
cpe:/a:horde:groupware:1.2::webmail7
cpe:/a:horde:groupware:1.2:rc13
cpe:/a:horde:groupware:1.2:rc1:webmail7
cpe:/a:horde:groupware:1.1.6::webmail6
cpe:/a:horde:groupware:1.1.53
cpe:/a:horde:groupware:1.1.5::webmail6
cpe:/a:horde:groupware:1.1.43
cpe:/a:horde:groupware:1.1.4::webmail7
cpe:/a:horde:groupware:1.1.33
cpe:/a:horde:groupware:1.1.3::webmail7
cpe:/a:horde:groupware:1.1.2::webmail7
cpe:/a:horde:groupware:1.1.23
cpe:/a:horde:groupware:1.1.13
cpe:/a:horde:groupware:1.1.1::webmail7
cpe:/a:horde:groupware:1.1:rc3:webmail7
cpe:/a:horde:groupware:1.1:rc4:webmail7
cpe:/a:horde:groupware:1.15
cpe:/a:horde:groupware:1.1::webmail7
cpe:/a:horde:groupware:1.1:rc1:webmail7
cpe:/a:horde:groupware:1.1:rc2:webmail7
cpe:/a:horde:groupware:1.0_rc31
cpe:/a:horde:groupware:1.0_rc21
cpe:/a:horde:groupware:1.0.8::webmail5
cpe:/a:horde:groupware:1.0.7::webmail5
cpe:/a:horde:groupware:1.0.6::webmail5
cpe:/a:horde:groupware:1.0.53
cpe:/a:horde:groupware:1.0.5::webmail5
cpe:/a:horde:groupware:1.0.43
cpe:/a:horde:groupware:1.0.4::webmail5
cpe:/a:horde:groupware:1.0.33
cpe:/a:horde:groupware:1.0.3::webmail5
cpe:/a:horde:groupware:1.0.24
cpe:/a:horde:groupware:1.0.2::webmail5
cpe:/a:horde:groupware:1.0.1::webmail5
cpe:/a:horde:groupware:1.0.14
cpe:/a:horde:groupware:1.0::webmail6
cpe:/a:horde:groupware:1.0:rc1:webmail5
cpe:/a:horde:groupware:1.0:rc2:webmail5
cpe:/a:horde:groupware:1.04
cpe:/a:horde:groupware1

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentification
7.52012-09-25CVE-2012-0209NetworkLowNone Requ...
4.32011-04-04CVE-2010-4778NetworkMediumNone Requ...
4.32011-04-04CVE-2010-3693NetworkMediumNone Requ...
4.32011-03-31CVE-2010-3695NetworkMediumNone Requ...
4.32009-12-21CVE-2009-4363NetworkMediumNone Requ...
Hide | Show 11 More...
 DateAlertAccess VectorAccess ComplexityAuthentification
4.32009-12-21CVE-2009-3701NetworkMediumNone Requ...
4.32009-09-17CVE-2009-3237NetworkMediumNone Requ...
4.32009-09-17CVE-2009-3236NetworkMediumNone Requ...
102009-09-13CVE-2008-7219NetworkLowNone Requ...
102009-09-13CVE-2008-7218NetworkLowNone Requ...
4.32008-06-19CVE-2008-2783NetworkMediumNone Requ...
4.32008-04-27CVE-2008-1974NetworkMediumNone Requ...
62008-03-10CVE-2008-1284NetworkMediumRequires ...
4.92008-02-18CVE-2008-0807NetworkMediumRequires ...
4.32007-03-26CVE-2007-1679NetworkMediumNone Requ...
5.12007-01-30CVE-2007-0579NetworkHighNone Requ...

CWE : Common Weakness Enumeration

%idName
66% (8)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
16% (2)CWE-264Permissions, Privileges, and Access Controls
8% (1)CWE-94Failure to Control Generation of Code ('Code Injection')
8% (1)CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path ...

CAPEC : Common Attack Pattern Enumeration & Classificatio

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idName
CAPEC-3Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7Blind SQL Injection
CAPEC-8Buffer Overflow in an API Call
CAPEC-9Buffer Overflow in Local Command-Line Utilities
CAPEC-10Buffer Overflow via Environment Variables
Hide | Show 20 More...
idName
CAPEC-13Subverting Environment Variable Values
CAPEC-14Client-side Injection-induced Buffer Overflow
CAPEC-18Embedding Scripts in Nonscript Elements
CAPEC-22Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24Filter Failure through Buffer Overflow
CAPEC-28Fuzzing
CAPEC-31Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32Embedding Scripts in HTTP Query Strings
CAPEC-42MIME Conversion
CAPEC-43Exploiting Multiple Input Interpretation Layers
CAPEC-45Buffer Overflow via Symbolic Links
CAPEC-46Overflow Variables and Tags
CAPEC-47Buffer Overflow via Parameter Expansion
CAPEC-52Embedding NULL Bytes
CAPEC-53Postfix, Null Terminate, and Backslash
CAPEC-63Simple Script Injection
CAPEC-64Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-66SQL Injection
CAPEC-67String Format Overflow in syslog()
CAPEC-71Using Unicode Encoding to Bypass Validation Logic

Open Source Vulnerability Database (OSVDB)

idDescription
68267Horde DIMP Mailbox Page Folder Label XSS
68261Horde IMP fetchmailprefs.php fm_id Parameter XSS
61338Horde Xss.php Filter Bypass data:// URI XSS
61304Horde Administration Interface admin/sqlshell.php PATH_INFO Parameter XSS
61303Horde Administration Interface admin/cmdshell.php PATH_INFO Parameter XSS
Hide | Show 14 More...
idDescription
61043Horde Administration Interface admin/phpshell.php PATH_INFO Parameter XSS
58109Horde Application Framework Numeric Preference Type XSS
58108Horde Application Framework MIME Viewer Text Part Rendering XSS
58107Horde Application Framework Form Library Image Form Field Arbitrary File Over...
46702Horde Multiple Product day.php PATH_INFO XSS
46701Horde Multiple Product workweek.php PATH_INFO XSS
46700Horde Multiple Product week.php PATH_INFO XSS
44557Kronolith addevent.php url Parameter XSS
42779Horde Turba 2 (turba2) Contact Manager H3 lib/Driver/sql.php Unauthorized Dat...
42776Horde Multiple Products Share Management Owner Validation Unspecified Issue
42775Horde Multiple Products API Unspecified Privilege Escalation
42774Horde Multiple Products theme Parameter Traversal Local File Inclusion
35181Horde Webmail ingo/rule.php XSS
33083Horde Groupware Calendar Component Unspecified Issue

ExploitDB Exploits

idDescription
18492Horde 3.3.12 Backdoor Arbitrary PHP Code Execution
10512Horde 3.3.5 "PHP_SELF" XSS vulnerability

Metasploit Exploits

idDescription
2012-02-13Horde 3.3.12 Backdoor Arbitrary PHP Code Execution