This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:horde:groupware_webmail_edition:1.0.2
Detail
VendorHordeFirst view 2008-03-10
ProductGroupware Webmail EditionLast view2012-01-24
Version1.0.2TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:horde:groupware_webmail_edition

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
4.32012-01-24CVE-2012-0909NetworkMediumNone Requ...
4.32012-01-24CVE-2012-0791NetworkMediumNone Requ...
102009-09-13CVE-2008-7219NetworkLowNone Requ...
102009-09-13CVE-2008-7218NetworkLowNone Requ...
92008-08-12CVE-2008-3650NetworkLowRequires ...
Hide | Show 1 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
62008-03-10CVE-2008-1284NetworkMediumRequires ...

CWE : Common Weakness Enumeration

%idName
50% (2)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
25% (1)CWE-264Permissions, Privileges, and Access Controls
25% (1)CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path ...

CAPEC : Common Attack Pattern Enumeration & Classification

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idName
CAPEC-3Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7Blind SQL Injection
CAPEC-8Buffer Overflow in an API Call
CAPEC-9Buffer Overflow in Local Command-Line Utilities
CAPEC-10Buffer Overflow via Environment Variables
Hide | Show 20 More...
idName
CAPEC-13Subverting Environment Variable Values
CAPEC-14Client-side Injection-induced Buffer Overflow
CAPEC-18Embedding Scripts in Nonscript Elements
CAPEC-22Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24Filter Failure through Buffer Overflow
CAPEC-28Fuzzing
CAPEC-31Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32Embedding Scripts in HTTP Query Strings
CAPEC-42MIME Conversion
CAPEC-43Exploiting Multiple Input Interpretation Layers
CAPEC-45Buffer Overflow via Symbolic Links
CAPEC-46Overflow Variables and Tags
CAPEC-47Buffer Overflow via Parameter Expansion
CAPEC-52Embedding NULL Bytes
CAPEC-53Postfix, Null Terminate, and Backslash
CAPEC-63Simple Script Injection
CAPEC-64Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-66SQL Injection
CAPEC-67String Format Overflow in syslog()
CAPEC-71Using Unicode Encoding to Bypass Validation Logic

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:19648DSA-2485-1 imp4 - cross site scripting
oval:org.mitre.oval:def:7854DSA-1519 horde3 -- insufficient input sanitising
oval:org.mitre.oval:def:20302DSA-1519-1 horde3 - information disclosure

Open Source Vulnerability Database (OSVDB)

idDescription
46380Horde Multiple Products Contact Views XSS
46379Horde Multiple Products Object Browser Item Names XSS
42776Horde Multiple Products Share Management Owner Validation Unspecified Issue
42775Horde Multiple Products API Unspecified Privilege Escalation
42774Horde Multiple Products theme Parameter Traversal Local File Inclusion

OpenVAS Exploits

idDescription
2012-08-10Name : Debian Security Advisory DSA 2485-1 (imp4)
File : nvt/deb_2485_1.nasl
2012-08-02Name : SuSE Update for horde3 openSUSE-SU-2012:0286-1 (horde3)
File : nvt/gb_suse_2012_0286_1.nasl
2012-08-02Name : SuSE Update for horde openSUSE-SU-2012:0287-1 (horde)
File : nvt/gb_suse_2012_0287_1.nasl
2009-02-16Name : Fedora Update for kronolith FEDORA-2008-2212
File : nvt/gb_fedora_2008_2212_kronolith_fc7.nasl
2009-02-16Name : Fedora Update for horde FEDORA-2008-2362
File : nvt/gb_fedora_2008_2362_horde_fc8.nasl
Hide | Show 3 More...
idDescription
2009-02-16Name : Fedora Update for horde FEDORA-2008-2406
File : nvt/gb_fedora_2008_2406_horde_fc7.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200805-01 (horde)
File : nvt/glsa_200805_01.nasl
2008-03-19Name : Debian Security Advisory DSA 1519-1 (horde3)
File : nvt/deb_1519_1.nasl

Nessus® Vulnerability Scanner

idDescription
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-111.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-112.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_horde3-120217.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_horde3-dimp-120217.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_horde3-imp-120217.nasl - Type : ACT_GATHER_INFO
Hide | Show 8 More...
idDescription
2012-06-29Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2485.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote openSUSE host is missing a security update.
File : suse_11_0_horde-081119.nasl - Type : ACT_GATHER_INFO
2008-11-25Name : The remote openSUSE host is missing a security update.
File : suse_horde-5791.nasl - Type : ACT_GATHER_INFO
2008-05-09Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200805-01.nasl - Type : ACT_GATHER_INFO
2008-03-17Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1519.nasl - Type : ACT_GATHER_INFO
2008-03-13Name : The remote Fedora host is missing a security update.
File : fedora_2008-2362.nasl - Type : ACT_GATHER_INFO
2008-03-13Name : The remote Fedora host is missing a security update.
File : fedora_2008-2406.nasl - Type : ACT_GATHER_INFO
2008-03-07Name : The remote Fedora host is missing a security update.
File : fedora_2008-2212.nasl - Type : ACT_GATHER_INFO