CyberSec.Space Logo
CVEブラウザに戻る

CVE-2006-1491

HIGH
7.5
CVSS Severity Score
EPSS Score0.1930%
EPSS Percentile31.03th
Published2006年3月29日
Last Modified2026年4月16日

Vulnerability Description

Eval injection vulnerability in Horde Application Framework versions 3.0 before 3.0.10 and 3.1 before 3.1.1 allows remote attackers to execute arbitrary code via the help viewer.

Affected Platforms (CPE)

📦
Horde

Application Framework

= 3.0
📦
Horde

Application Framework

= 3.0.1
📦
Horde

Application Framework

= 3.0.2
📦
Horde

Application Framework

= 3.0.3
📦
Horde

Application Framework

= 3.0.4
📦
Horde

Application Framework

= 3.0.4_rc1
📦
Horde

Application Framework

= 3.0.4_rc2
📦
Horde

Application Framework

= 3.0.6
📦
Horde

Application Framework

= 3.0.7
📦
Horde

Application Framework

= 3.0.8
📦
Horde

Application Framework

= 3.0.9
📦
Horde

Application Framework

= 3.1

References & Advisories

🔗 http://cvs.horde.org/diff.php?f=horde%2Fservices%2Fhelp%2Findex.php&r1=2.85&r2=2.86
🔗 http://lists.horde.org/archives/announce/2006/000271.html
🔗 http://lists.horde.org/archives/announce/2006/000272.html
🔗 http://secunia.com/advisories/19485
🔗 http://secunia.com/advisories/19504
🔗 http://secunia.com/advisories/19528
🔗 http://secunia.com/advisories/19619
🔗 http://secunia.com/advisories/19692

関連する脆弱性情報

CVE-2013-007310.0

The Windows Forms (aka WinForms) component in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly restrict ...

CVE-2008-182610.0

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 have unknown impact and attack vectors related to (a) Ad...

CVE-2006-027710.0

Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unspecified impact and attack vector...

CVE-2009-189610.0

The Java Web Start framework in IcedTea in OpenJDK before 1.6.0.0-20.b16.fc10 on Fedora 10, and before 1.6.0.0-27.b16.fc11 on Fedo...