2010-11-24

Horde Application Framework, Horde Groupware, Horde Groupware Webmail Edition

ソフト名:Horde Application Framework 3.3.4/3.3.8, Horde Groupware 1.2.4, Horde Groupware Webmail Edition 1.2.4
回避策:アップデートにて対応
脆弱性:XSS, 認証資格情報の奪取
ソース:
http://bugs.horde.org/ticket/9357
http://lists.horde.org/archives/announce/2010/000574.html
http://lists.horde.org/archives/announce/2010/000575.html
http://lists.horde.org/archives/announce/2010/000576.html
http://www.securityfocus.com/bid/45020
http://secunia.com/advisories/42355
http://www.vupen.com/english/advisories/2010/3049
危険性:Medium Risk

0 件のコメント:

コメントを投稿