CyberSec.Space Logo
Back to CVE Browser

CVE-2006-1491

HIGH
7.5
CVSS Severity Score
EPSS Score0.1930%
EPSS Percentile31.03th
PublishedMar 29, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

Eval injection vulnerability in Horde Application Framework versions 3.0 before 3.0.10 and 3.1 before 3.1.1 allows remote attackers to execute arbitrary code via the help viewer.

Affected Platforms (CPE)

πŸ“¦
Horde

Application Framework

= 3.0
πŸ“¦
Horde

Application Framework

= 3.0.1
πŸ“¦
Horde

Application Framework

= 3.0.2
πŸ“¦
Horde

Application Framework

= 3.0.3
πŸ“¦
Horde

Application Framework

= 3.0.4
πŸ“¦
Horde

Application Framework

= 3.0.4_rc1
πŸ“¦
Horde

Application Framework

= 3.0.4_rc2
πŸ“¦
Horde

Application Framework

= 3.0.6
πŸ“¦
Horde

Application Framework

= 3.0.7
πŸ“¦
Horde

Application Framework

= 3.0.8
πŸ“¦
Horde

Application Framework

= 3.0.9
πŸ“¦
Horde

Application Framework

= 3.1

References & Advisories

πŸ”— http://cvs.horde.org/diff.php?f=horde%2Fservices%2Fhelp%2Findex.php&r1=2.85&r2=2.86
πŸ”— http://lists.horde.org/archives/announce/2006/000271.html
πŸ”— http://lists.horde.org/archives/announce/2006/000272.html
πŸ”— http://secunia.com/advisories/19485
πŸ”— http://secunia.com/advisories/19504
πŸ”— http://secunia.com/advisories/19528
πŸ”— http://secunia.com/advisories/19619
πŸ”— http://secunia.com/advisories/19692

Related Vulnerabilities

CVE-2013-007310.0

The Windows Forms (aka WinForms) component in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly restrict ...

CVE-2008-182610.0

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 have unknown impact and attack vectors related to (a) Ad...

CVE-2006-027710.0

Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unspecified impact and attack vector...

CVE-2009-189610.0

The Java Web Start framework in IcedTea in OpenJDK before 1.6.0.0-20.b16.fc10 on Fedora 10, and before 1.6.0.0-27.b16.fc11 on Fedo...