Search criteria
6 vulnerabilities found for kronolith_h3 by horde
CVE-2008-7219 (GCVE-0-2008-7219)
Vulnerability from nvd – Published: 2009-09-13 22:00 – Updated: 2024-09-17 01:06
VLAI?
Summary
Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and H3 2.2 before 2.2-RC2; Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 does not validate ownership when performing share changes, which has unknown impact and attack vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:56:14.482Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[announce] 20080122 Kronolith H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000371.html"
},
{
"name": "[announce] 20080122 Mnemo H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000369.html"
},
{
"name": "[announce] 20080109 Nag H3 (2.1.4) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000363.html"
},
{
"name": "27217",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27217"
},
{
"name": "[announce] 20080109 Horde Groupware 1.0.3 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000365.html"
},
{
"name": "[announce] 20080206 Horde Groupware 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000376.html"
},
{
"name": "FEDORA-2008-2212",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html"
},
{
"name": "[announce] 20080109 Mnemo H3 (2.1.2) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000364.html"
},
{
"name": "28382",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28382"
},
{
"name": "[announce] 20080206 Horde Groupware Webmail Edition 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000377.html"
},
{
"name": "[announce] 20080110 Horde Groupware Webmail Edition 1.0.4 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000366.html"
},
{
"name": "[announce] 20080109 Kronolith H3 (2.1.7) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000362.html"
},
{
"name": "[announce] 20080122 Nag H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000368.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and H3 2.2 before 2.2-RC2; Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 does not validate ownership when performing share changes, which has unknown impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-09-13T22:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[announce] 20080122 Kronolith H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000371.html"
},
{
"name": "[announce] 20080122 Mnemo H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000369.html"
},
{
"name": "[announce] 20080109 Nag H3 (2.1.4) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000363.html"
},
{
"name": "27217",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27217"
},
{
"name": "[announce] 20080109 Horde Groupware 1.0.3 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000365.html"
},
{
"name": "[announce] 20080206 Horde Groupware 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000376.html"
},
{
"name": "FEDORA-2008-2212",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html"
},
{
"name": "[announce] 20080109 Mnemo H3 (2.1.2) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000364.html"
},
{
"name": "28382",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28382"
},
{
"name": "[announce] 20080206 Horde Groupware Webmail Edition 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000377.html"
},
{
"name": "[announce] 20080110 Horde Groupware Webmail Edition 1.0.4 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000366.html"
},
{
"name": "[announce] 20080109 Kronolith H3 (2.1.7) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000362.html"
},
{
"name": "[announce] 20080122 Nag H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000368.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-7219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and H3 2.2 before 2.2-RC2; Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 does not validate ownership when performing share changes, which has unknown impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[announce] 20080122 Kronolith H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000371.html"
},
{
"name": "[announce] 20080122 Mnemo H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000369.html"
},
{
"name": "[announce] 20080109 Nag H3 (2.1.4) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000363.html"
},
{
"name": "27217",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27217"
},
{
"name": "[announce] 20080109 Horde Groupware 1.0.3 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000365.html"
},
{
"name": "[announce] 20080206 Horde Groupware 1.1-RC2",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000376.html"
},
{
"name": "FEDORA-2008-2212",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html"
},
{
"name": "[announce] 20080109 Mnemo H3 (2.1.2) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000364.html"
},
{
"name": "28382",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28382"
},
{
"name": "[announce] 20080206 Horde Groupware Webmail Edition 1.1-RC2",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000377.html"
},
{
"name": "[announce] 20080110 Horde Groupware Webmail Edition 1.0.4 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000366.html"
},
{
"name": "[announce] 20080109 Kronolith H3 (2.1.7) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000362.html"
},
{
"name": "[announce] 20080122 Nag H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000368.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-7219",
"datePublished": "2009-09-13T22:00:00Z",
"dateReserved": "2009-09-13T00:00:00Z",
"dateUpdated": "2024-09-17T01:06:15.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-7218 (GCVE-0-2008-7218)
Vulnerability from nvd – Published: 2009-09-13 22:00 – Updated: 2024-08-07 11:56
VLAI?
Summary
Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 and 2.2 before 2.2-RC2; Kronolith H3 2.1 before 2.1.7 and H3 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and 2.2 before 2.2-RC2; Horde Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 has unknown impact and attack vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:56:14.413Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[announce] 20080122 Kronolith H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000371.html"
},
{
"name": "[announce] 20080122 Mnemo H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000369.html"
},
{
"name": "[announce] 20080109 Nag H3 (2.1.4) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000363.html"
},
{
"name": "27217",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27217"
},
{
"name": "[announce] 20080109 Horde Groupware 1.0.3 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000365.html"
},
{
"name": "[announce] 20080206 Horde Groupware 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000376.html"
},
{
"name": "[announce] 20080122 Turba H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000367.html"
},
{
"name": "FEDORA-2008-2212",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html"
},
{
"name": "[announce] 20080109 Horde 3.1.6 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000360.html"
},
{
"name": "[announce] 20080109 Mnemo H3 (2.1.2) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000364.html"
},
{
"name": "28382",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28382"
},
{
"name": "[announce] 20080206 Horde Groupware Webmail Edition 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000377.html"
},
{
"name": "[announce] 20080110 Horde Groupware Webmail Edition 1.0.4 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000366.html"
},
{
"name": "[announce] 20080109 Turba H3 (2.1.6) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000361.html"
},
{
"name": "horde-hordeapi-privilege-escalation(39599)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39599"
},
{
"name": "[announce] 20080122 Horde 3.2-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000374.html"
},
{
"name": "[announce] 20080109 Kronolith H3 (2.1.7) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000362.html"
},
{
"name": "[announce] 20080122 Nag H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000368.html"
},
{
"name": "42775",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/42775"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 and 2.2 before 2.2-RC2; Kronolith H3 2.1 before 2.1.7 and H3 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and 2.2 before 2.2-RC2; Horde Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 has unknown impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[announce] 20080122 Kronolith H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000371.html"
},
{
"name": "[announce] 20080122 Mnemo H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000369.html"
},
{
"name": "[announce] 20080109 Nag H3 (2.1.4) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000363.html"
},
{
"name": "27217",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27217"
},
{
"name": "[announce] 20080109 Horde Groupware 1.0.3 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000365.html"
},
{
"name": "[announce] 20080206 Horde Groupware 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000376.html"
},
{
"name": "[announce] 20080122 Turba H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000367.html"
},
{
"name": "FEDORA-2008-2212",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html"
},
{
"name": "[announce] 20080109 Horde 3.1.6 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000360.html"
},
{
"name": "[announce] 20080109 Mnemo H3 (2.1.2) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000364.html"
},
{
"name": "28382",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28382"
},
{
"name": "[announce] 20080206 Horde Groupware Webmail Edition 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000377.html"
},
{
"name": "[announce] 20080110 Horde Groupware Webmail Edition 1.0.4 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000366.html"
},
{
"name": "[announce] 20080109 Turba H3 (2.1.6) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000361.html"
},
{
"name": "horde-hordeapi-privilege-escalation(39599)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39599"
},
{
"name": "[announce] 20080122 Horde 3.2-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000374.html"
},
{
"name": "[announce] 20080109 Kronolith H3 (2.1.7) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000362.html"
},
{
"name": "[announce] 20080122 Nag H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000368.html"
},
{
"name": "42775",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/42775"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-7218",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 and 2.2 before 2.2-RC2; Kronolith H3 2.1 before 2.1.7 and H3 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and 2.2 before 2.2-RC2; Horde Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 has unknown impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[announce] 20080122 Kronolith H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000371.html"
},
{
"name": "[announce] 20080122 Mnemo H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000369.html"
},
{
"name": "[announce] 20080109 Nag H3 (2.1.4) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000363.html"
},
{
"name": "27217",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27217"
},
{
"name": "[announce] 20080109 Horde Groupware 1.0.3 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000365.html"
},
{
"name": "[announce] 20080206 Horde Groupware 1.1-RC2",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000376.html"
},
{
"name": "[announce] 20080122 Turba H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000367.html"
},
{
"name": "FEDORA-2008-2212",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html"
},
{
"name": "[announce] 20080109 Horde 3.1.6 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000360.html"
},
{
"name": "[announce] 20080109 Mnemo H3 (2.1.2) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000364.html"
},
{
"name": "28382",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28382"
},
{
"name": "[announce] 20080206 Horde Groupware Webmail Edition 1.1-RC2",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000377.html"
},
{
"name": "[announce] 20080110 Horde Groupware Webmail Edition 1.0.4 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000366.html"
},
{
"name": "[announce] 20080109 Turba H3 (2.1.6) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000361.html"
},
{
"name": "horde-hordeapi-privilege-escalation(39599)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39599"
},
{
"name": "[announce] 20080122 Horde 3.2-RC2",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000374.html"
},
{
"name": "[announce] 20080109 Kronolith H3 (2.1.7) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000362.html"
},
{
"name": "[announce] 20080122 Nag H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000368.html"
},
{
"name": "42775",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/42775"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-7218",
"datePublished": "2009-09-13T22:00:00",
"dateReserved": "2009-09-13T00:00:00",
"dateUpdated": "2024-08-07T11:56:14.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4189 (GCVE-0-2005-4189)
Vulnerability from nvd – Published: 2005-12-13 11:00 – Updated: 2024-08-07 23:38
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith H3 before 2.0.6 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Calendar name field when creating calendars, (2) event title field when deleting events, the (3) Category and (4) Location search fields, and the (5) attendees email address fields when editing event attendees, and possibly other vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:38:51.279Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18827",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18827"
},
{
"name": "21609",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21609"
},
{
"name": "20051211 SEC Consult SA-20051211-0 :: Several XSS issues in Horde Framework, Kronolith Calendar, Mnemo Notes, Nag Tasks and Turba Addressbook",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0459.html"
},
{
"name": "21608",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21608"
},
{
"name": "17971",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17971"
},
{
"name": "15808",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15808"
},
{
"name": "ADV-2005-2834",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2834"
},
{
"name": "DSA-970",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-970"
},
{
"name": "21611",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21611"
},
{
"name": "21610",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21610"
},
{
"name": "[horde-announce] 20051211 Kronolith H3 (2.0.6) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2005/000234.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.sec-consult.com/245.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith H3 before 2.0.6 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Calendar name field when creating calendars, (2) event title field when deleting events, the (3) Category and (4) Location search fields, and the (5) attendees email address fields when editing event attendees, and possibly other vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-12-16T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "18827",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18827"
},
{
"name": "21609",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21609"
},
{
"name": "20051211 SEC Consult SA-20051211-0 :: Several XSS issues in Horde Framework, Kronolith Calendar, Mnemo Notes, Nag Tasks and Turba Addressbook",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0459.html"
},
{
"name": "21608",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21608"
},
{
"name": "17971",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17971"
},
{
"name": "15808",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15808"
},
{
"name": "ADV-2005-2834",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2834"
},
{
"name": "DSA-970",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-970"
},
{
"name": "21611",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21611"
},
{
"name": "21610",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21610"
},
{
"name": "[horde-announce] 20051211 Kronolith H3 (2.0.6) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2005/000234.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.sec-consult.com/245.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4189",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith H3 before 2.0.6 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Calendar name field when creating calendars, (2) event title field when deleting events, the (3) Category and (4) Location search fields, and the (5) attendees email address fields when editing event attendees, and possibly other vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18827",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18827"
},
{
"name": "21609",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21609"
},
{
"name": "20051211 SEC Consult SA-20051211-0 :: Several XSS issues in Horde Framework, Kronolith Calendar, Mnemo Notes, Nag Tasks and Turba Addressbook",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0459.html"
},
{
"name": "21608",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21608"
},
{
"name": "17971",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17971"
},
{
"name": "15808",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15808"
},
{
"name": "ADV-2005-2834",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2834"
},
{
"name": "DSA-970",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-970"
},
{
"name": "21611",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21611"
},
{
"name": "21610",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21610"
},
{
"name": "[horde-announce] 20051211 Kronolith H3 (2.0.6) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2005/000234.html"
},
{
"name": "http://www.sec-consult.com/245.html",
"refsource": "MISC",
"url": "http://www.sec-consult.com/245.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4189",
"datePublished": "2005-12-13T11:00:00",
"dateReserved": "2005-12-13T00:00:00",
"dateUpdated": "2024-08-07T23:38:51.279Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-7219 (GCVE-0-2008-7219)
Vulnerability from cvelistv5 – Published: 2009-09-13 22:00 – Updated: 2024-09-17 01:06
VLAI?
Summary
Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and H3 2.2 before 2.2-RC2; Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 does not validate ownership when performing share changes, which has unknown impact and attack vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:56:14.482Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[announce] 20080122 Kronolith H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000371.html"
},
{
"name": "[announce] 20080122 Mnemo H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000369.html"
},
{
"name": "[announce] 20080109 Nag H3 (2.1.4) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000363.html"
},
{
"name": "27217",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27217"
},
{
"name": "[announce] 20080109 Horde Groupware 1.0.3 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000365.html"
},
{
"name": "[announce] 20080206 Horde Groupware 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000376.html"
},
{
"name": "FEDORA-2008-2212",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html"
},
{
"name": "[announce] 20080109 Mnemo H3 (2.1.2) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000364.html"
},
{
"name": "28382",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28382"
},
{
"name": "[announce] 20080206 Horde Groupware Webmail Edition 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000377.html"
},
{
"name": "[announce] 20080110 Horde Groupware Webmail Edition 1.0.4 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000366.html"
},
{
"name": "[announce] 20080109 Kronolith H3 (2.1.7) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000362.html"
},
{
"name": "[announce] 20080122 Nag H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000368.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and H3 2.2 before 2.2-RC2; Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 does not validate ownership when performing share changes, which has unknown impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-09-13T22:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[announce] 20080122 Kronolith H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000371.html"
},
{
"name": "[announce] 20080122 Mnemo H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000369.html"
},
{
"name": "[announce] 20080109 Nag H3 (2.1.4) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000363.html"
},
{
"name": "27217",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27217"
},
{
"name": "[announce] 20080109 Horde Groupware 1.0.3 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000365.html"
},
{
"name": "[announce] 20080206 Horde Groupware 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000376.html"
},
{
"name": "FEDORA-2008-2212",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html"
},
{
"name": "[announce] 20080109 Mnemo H3 (2.1.2) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000364.html"
},
{
"name": "28382",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28382"
},
{
"name": "[announce] 20080206 Horde Groupware Webmail Edition 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000377.html"
},
{
"name": "[announce] 20080110 Horde Groupware Webmail Edition 1.0.4 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000366.html"
},
{
"name": "[announce] 20080109 Kronolith H3 (2.1.7) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000362.html"
},
{
"name": "[announce] 20080122 Nag H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000368.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-7219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and H3 2.2 before 2.2-RC2; Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 does not validate ownership when performing share changes, which has unknown impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[announce] 20080122 Kronolith H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000371.html"
},
{
"name": "[announce] 20080122 Mnemo H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000369.html"
},
{
"name": "[announce] 20080109 Nag H3 (2.1.4) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000363.html"
},
{
"name": "27217",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27217"
},
{
"name": "[announce] 20080109 Horde Groupware 1.0.3 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000365.html"
},
{
"name": "[announce] 20080206 Horde Groupware 1.1-RC2",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000376.html"
},
{
"name": "FEDORA-2008-2212",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html"
},
{
"name": "[announce] 20080109 Mnemo H3 (2.1.2) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000364.html"
},
{
"name": "28382",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28382"
},
{
"name": "[announce] 20080206 Horde Groupware Webmail Edition 1.1-RC2",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000377.html"
},
{
"name": "[announce] 20080110 Horde Groupware Webmail Edition 1.0.4 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000366.html"
},
{
"name": "[announce] 20080109 Kronolith H3 (2.1.7) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000362.html"
},
{
"name": "[announce] 20080122 Nag H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000368.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-7219",
"datePublished": "2009-09-13T22:00:00Z",
"dateReserved": "2009-09-13T00:00:00Z",
"dateUpdated": "2024-09-17T01:06:15.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-7218 (GCVE-0-2008-7218)
Vulnerability from cvelistv5 – Published: 2009-09-13 22:00 – Updated: 2024-08-07 11:56
VLAI?
Summary
Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 and 2.2 before 2.2-RC2; Kronolith H3 2.1 before 2.1.7 and H3 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and 2.2 before 2.2-RC2; Horde Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 has unknown impact and attack vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:56:14.413Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[announce] 20080122 Kronolith H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000371.html"
},
{
"name": "[announce] 20080122 Mnemo H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000369.html"
},
{
"name": "[announce] 20080109 Nag H3 (2.1.4) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000363.html"
},
{
"name": "27217",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27217"
},
{
"name": "[announce] 20080109 Horde Groupware 1.0.3 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000365.html"
},
{
"name": "[announce] 20080206 Horde Groupware 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000376.html"
},
{
"name": "[announce] 20080122 Turba H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000367.html"
},
{
"name": "FEDORA-2008-2212",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html"
},
{
"name": "[announce] 20080109 Horde 3.1.6 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000360.html"
},
{
"name": "[announce] 20080109 Mnemo H3 (2.1.2) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000364.html"
},
{
"name": "28382",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28382"
},
{
"name": "[announce] 20080206 Horde Groupware Webmail Edition 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000377.html"
},
{
"name": "[announce] 20080110 Horde Groupware Webmail Edition 1.0.4 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000366.html"
},
{
"name": "[announce] 20080109 Turba H3 (2.1.6) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000361.html"
},
{
"name": "horde-hordeapi-privilege-escalation(39599)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39599"
},
{
"name": "[announce] 20080122 Horde 3.2-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000374.html"
},
{
"name": "[announce] 20080109 Kronolith H3 (2.1.7) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000362.html"
},
{
"name": "[announce] 20080122 Nag H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000368.html"
},
{
"name": "42775",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/42775"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 and 2.2 before 2.2-RC2; Kronolith H3 2.1 before 2.1.7 and H3 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and 2.2 before 2.2-RC2; Horde Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 has unknown impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[announce] 20080122 Kronolith H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000371.html"
},
{
"name": "[announce] 20080122 Mnemo H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000369.html"
},
{
"name": "[announce] 20080109 Nag H3 (2.1.4) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000363.html"
},
{
"name": "27217",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27217"
},
{
"name": "[announce] 20080109 Horde Groupware 1.0.3 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000365.html"
},
{
"name": "[announce] 20080206 Horde Groupware 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000376.html"
},
{
"name": "[announce] 20080122 Turba H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000367.html"
},
{
"name": "FEDORA-2008-2212",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html"
},
{
"name": "[announce] 20080109 Horde 3.1.6 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000360.html"
},
{
"name": "[announce] 20080109 Mnemo H3 (2.1.2) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000364.html"
},
{
"name": "28382",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28382"
},
{
"name": "[announce] 20080206 Horde Groupware Webmail Edition 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000377.html"
},
{
"name": "[announce] 20080110 Horde Groupware Webmail Edition 1.0.4 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000366.html"
},
{
"name": "[announce] 20080109 Turba H3 (2.1.6) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000361.html"
},
{
"name": "horde-hordeapi-privilege-escalation(39599)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39599"
},
{
"name": "[announce] 20080122 Horde 3.2-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000374.html"
},
{
"name": "[announce] 20080109 Kronolith H3 (2.1.7) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000362.html"
},
{
"name": "[announce] 20080122 Nag H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000368.html"
},
{
"name": "42775",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/42775"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-7218",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 and 2.2 before 2.2-RC2; Kronolith H3 2.1 before 2.1.7 and H3 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and 2.2 before 2.2-RC2; Horde Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 has unknown impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[announce] 20080122 Kronolith H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000371.html"
},
{
"name": "[announce] 20080122 Mnemo H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000369.html"
},
{
"name": "[announce] 20080109 Nag H3 (2.1.4) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000363.html"
},
{
"name": "27217",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27217"
},
{
"name": "[announce] 20080109 Horde Groupware 1.0.3 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000365.html"
},
{
"name": "[announce] 20080206 Horde Groupware 1.1-RC2",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000376.html"
},
{
"name": "[announce] 20080122 Turba H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000367.html"
},
{
"name": "FEDORA-2008-2212",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html"
},
{
"name": "[announce] 20080109 Horde 3.1.6 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000360.html"
},
{
"name": "[announce] 20080109 Mnemo H3 (2.1.2) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000364.html"
},
{
"name": "28382",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28382"
},
{
"name": "[announce] 20080206 Horde Groupware Webmail Edition 1.1-RC2",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000377.html"
},
{
"name": "[announce] 20080110 Horde Groupware Webmail Edition 1.0.4 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000366.html"
},
{
"name": "[announce] 20080109 Turba H3 (2.1.6) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000361.html"
},
{
"name": "horde-hordeapi-privilege-escalation(39599)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39599"
},
{
"name": "[announce] 20080122 Horde 3.2-RC2",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000374.html"
},
{
"name": "[announce] 20080109 Kronolith H3 (2.1.7) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000362.html"
},
{
"name": "[announce] 20080122 Nag H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000368.html"
},
{
"name": "42775",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/42775"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-7218",
"datePublished": "2009-09-13T22:00:00",
"dateReserved": "2009-09-13T00:00:00",
"dateUpdated": "2024-08-07T11:56:14.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4189 (GCVE-0-2005-4189)
Vulnerability from cvelistv5 – Published: 2005-12-13 11:00 – Updated: 2024-08-07 23:38
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith H3 before 2.0.6 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Calendar name field when creating calendars, (2) event title field when deleting events, the (3) Category and (4) Location search fields, and the (5) attendees email address fields when editing event attendees, and possibly other vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:38:51.279Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18827",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18827"
},
{
"name": "21609",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21609"
},
{
"name": "20051211 SEC Consult SA-20051211-0 :: Several XSS issues in Horde Framework, Kronolith Calendar, Mnemo Notes, Nag Tasks and Turba Addressbook",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0459.html"
},
{
"name": "21608",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21608"
},
{
"name": "17971",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17971"
},
{
"name": "15808",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15808"
},
{
"name": "ADV-2005-2834",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2834"
},
{
"name": "DSA-970",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-970"
},
{
"name": "21611",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21611"
},
{
"name": "21610",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21610"
},
{
"name": "[horde-announce] 20051211 Kronolith H3 (2.0.6) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2005/000234.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.sec-consult.com/245.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith H3 before 2.0.6 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Calendar name field when creating calendars, (2) event title field when deleting events, the (3) Category and (4) Location search fields, and the (5) attendees email address fields when editing event attendees, and possibly other vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-12-16T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "18827",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18827"
},
{
"name": "21609",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21609"
},
{
"name": "20051211 SEC Consult SA-20051211-0 :: Several XSS issues in Horde Framework, Kronolith Calendar, Mnemo Notes, Nag Tasks and Turba Addressbook",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0459.html"
},
{
"name": "21608",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21608"
},
{
"name": "17971",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17971"
},
{
"name": "15808",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15808"
},
{
"name": "ADV-2005-2834",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2834"
},
{
"name": "DSA-970",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-970"
},
{
"name": "21611",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21611"
},
{
"name": "21610",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21610"
},
{
"name": "[horde-announce] 20051211 Kronolith H3 (2.0.6) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2005/000234.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.sec-consult.com/245.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4189",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith H3 before 2.0.6 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Calendar name field when creating calendars, (2) event title field when deleting events, the (3) Category and (4) Location search fields, and the (5) attendees email address fields when editing event attendees, and possibly other vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18827",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18827"
},
{
"name": "21609",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21609"
},
{
"name": "20051211 SEC Consult SA-20051211-0 :: Several XSS issues in Horde Framework, Kronolith Calendar, Mnemo Notes, Nag Tasks and Turba Addressbook",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0459.html"
},
{
"name": "21608",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21608"
},
{
"name": "17971",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17971"
},
{
"name": "15808",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15808"
},
{
"name": "ADV-2005-2834",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2834"
},
{
"name": "DSA-970",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-970"
},
{
"name": "21611",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21611"
},
{
"name": "21610",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21610"
},
{
"name": "[horde-announce] 20051211 Kronolith H3 (2.0.6) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2005/000234.html"
},
{
"name": "http://www.sec-consult.com/245.html",
"refsource": "MISC",
"url": "http://www.sec-consult.com/245.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4189",
"datePublished": "2005-12-13T11:00:00",
"dateReserved": "2005-12-13T00:00:00",
"dateUpdated": "2024-08-07T23:38:51.279Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}