CVE-2006-1260

Published: Mar 19, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Horde Application Framework 3.0.9 allows remote attackers to read arbitrary files via a null character in the url parameter in services/go.php, which bypasses a sanity check.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

590

third-party-advisory

x_refsource_SREASON

GLSA-200604-02

vendor-advisory

x_refsource_GENTOO

DSA-1034

vendor-advisory

x_refsource_DEBIAN

19528

third-party-advisory

x_refsource_SECUNIA

17117

vdb-entry

x_refsource_BID

19246

third-party-advisory

x_refsource_SECUNIA

23918

vdb-entry

x_refsource_OSVDB

19692

third-party-advisory

x_refsource_SECUNIA

horde-servicesgo-information-disclosure(25239)

vdb-entry

x_refsource_XF

ADV-2006-0959

vdb-entry

x_refsource_VUPEN

19619

third-party-advisory

x_refsource_SECUNIA

1015771

vdb-entry

x_refsource_SECTRACK

DSA-1033

vendor-advisory

x_refsource_DEBIAN

20060315 CodeScan Advisory: Unauthenticated Arbitrary File Read in Horde v3.09 and prior

mailing-list

x_refsource_FULLDISC

20060315 CodeScan Advisory: Unauthenticated Arbitrary File Read in Horde v3.09 and prior

mailing-list

x_refsource_BUGTRAQ

19897

third-party-advisory

x_refsource_SECUNIA

SUSE-SR:2006:009

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2006-1260

Description

Affected Products

References