Download
| Alert*
DSA-2853-1 horde3 -- Remote code execution
Pedro Ribeiro from Agile Information Security found a possible remote code execution on Horde3, a web application framework. Unsanitized variables are passed to the unserialize PHP function. A remote attacker could specially-crafted one of those variables allowing her to load and execute code.
|