FreeBSD Bugzilla – Attachment 234423 Details for Bug 264437: security/vuxml: Cannot validate entry: error: xmlAddEntity: invalid redeclaration of predefined entity
Attachment 234423: [patch] CVE-2022-30287 for phpxx-horde-turba

Filename: security_vuxml.diff
MIME Type: text/plain
Creator: Thierry Thomas
Created: 2022-06-03 16:04:26 UTC
Size: 2.50 KB
Flags: patch, obsolete
Description: CVE-2022-30287 for phpxx-horde-turba
>From 415806872f188e8dcc0d80f40d6466e6db8f44c3 Mon Sep 17 00:00:00 2001 >From: Thierry Thomas <thierry@FreeBSD.org> >Date: Thu, 2 Jun 2022 19:00:23 +0200 >Subject: [PATCH] security/vuxml: declare a vulnerability for Horde-Turba > >--- > security/vuxml/vuln-2022.xml | 44 ++++++++++++++++++++++++++++++++++++ > 1 file changed, 44 insertions(+) > >diff --git a/security/vuxml/vuln-2022.xml b/security/vuxml/vuln-2022.xml >index a88619e15f72..330cbcc40049 100644 >--- a/security/vuxml/vuln-2022.xml >+++ b/security/vuxml/vuln-2022.xml 
>@@ -1,3 +1,47 @@ >+ <vuln vid="bb30748d-e294-11ec-ae35-a0f3c100ae18"> >+ <topic>Remote Code Execution via Email found in Turba</topic> >+ <affects> >+ <package> >+ <name>php74-horde-turba</name> >+ <name>php80-horde-turba</name> >+ <name>php81-horde-turba</name> >+ <range><le>4.2.25</le></range> >+ </package> >+ </affects> >+ <description> >+ <body xmlns="http://www.w3.org/1999/xhtml"> >+ <p>Sonar Blog reports:</p> >+ <blockquote cite="https://blog.sonarsource.com/horde-webmail-rce-via-email/"> >+ <p>The discovered code vulnerability (CVE-2022-30287) allows an >+ authenticated user of a Horde instance to execute arbitrary code >+ on the underlying server.</p> >+ <p>The vulnerability can be exploited with a single GET request >+ which can be triggered via Cross-Site-Request-Forgery. For this, >+ an attacker can craft a malicious email and include an external >+ image that when rendered exploits the vulnerability without >+ further interaction of a victim: the only requirement is to have >+ a victim open the malicious email.</p> >+ <p>The vulnerability exists in the default configuration and can >+ be exploited with no knowledge of a targeted Horde instance. We >+ confirmed that it exists in the latest version. The vendor has >+ not released a patch at the time of writing.</p> >+ <p>Another side-effect of this vulnerability is that the >+ clear-text credentials of the victim triggering the exploit are >+ leaked to the attacker. The adversary could then use them to >+ gain access to even more services of an organization.</p> >+ </blockquote> >+ </body> >+ </description> >+ <references> >+ <cvename>CVE-2022-30287</cvename> >+ <url>https://blog.sonarsource.com/horde-webmail-rce-via-email/</url> >+ </references> >+ <dates> >+ <discovery>2022-05-31</discovery> >+ <entry>2022-06-02</entry> >+ </dates> >+ </vuln> >+ > <vuln vid="40e2c35e-db99-11ec-b0cf-3065ec8fd3ec"> > <topic>chromium -- multiple vulnerabilities</topic> > <affects> >-- >2.36.1 >
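Review bot: the `<topic>` text "Remote Code Execution via Email found in Turba" does not follow the "package -- description" form used by the neighbouring entry in the same hunk ("chromium -- multiple vulnerabilities"); suggest "horde-turba -- Remote Code Execution via Email" so the topic sorts and reads like the rest of the file. The `<range><le>4.2.25</le></range>` is deliberately open-ended, consistent with the quoted advisory text "The vendor has not released a patch at the time of writing", but it will need an `<lt>` bound added as soon as a fixed release ships, otherwise the fixed version stays flagged as vulnerable. On the validation failure in the bug title: nothing in this hunk declares an entity, so "xmlAddEntity: invalid redeclaration of predefined entity" is libxml2 rejecting a redeclaration of a predefined entity (lt, gt, amp, quot, apos) in a DTD the validator loads, not a problem with this entry's content; the entry itself is well-formed VuXML and should pass once the validator's DTD/libxml2 mismatch is resolved.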