Code Injection in Horde Application Framework



| Updated: 2020-08-10
Risk Medium
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2014-1691
CWE-ID CWE-94
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software
 Horde Application Framework
Other software / Other software solutions

Vendor Horde Project

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Code Injection

EUVDB-ID: #VU41855

Risk: Medium

CVSSv4.0: 6.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:A/U:Green]

CVE-ID: CVE-2014-1691

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to conduct object injection attacks and execute arbitrary PHP code via a crafted serialized object in the _formvars form.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Horde Application Framework: 5.0.0 - 5.0.4

CPE2.3 External links

https://seclists.org/oss-sec/2014/q1/153
https://seclists.org/oss-sec/2014/q1/156
https://seclists.org/oss-sec/2014/q1/169
https://www.debian.org/security/2014/dsa-2853
https://github.com/horde/horde/blob/82c400788537cfc0106b68447789ff53793ac086/bundles/groupware/docs/CHANGES#L215
https://github.com/horde/horde/commit/da6afc7e9f4e290f782eca9dbca794f772caccb3


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.



###SIDEBAR###