Gentoo Linux Security Advisory 200911-1 - Multiple vulnerabilities in the Horde Application Framework can allow arbitrary files to be overwritten and enable cross-site scripting attacks. Versions less than 3.3.5 are affected.
f6bfa2f4fb881b9bbd89729802aa041d15e8a4c1e14f92e7275843455f60bf11
Debian Security Advisory 1897-1 - Stefan Esser discovered that Horde, a web application framework providing classes for dealing with preferences, compression, browser detection, connection tracking, MIME, and more, insufficiently validates and escapes user-provided input. The Horde_Form_Type_image form element allows a temporary filename to be reused on reuploads; the filename is stored in a hidden HTML field and then trusted without prior validation. An attacker can use this to overwrite arbitrary files on the system or to upload PHP code and thus execute arbitrary code with the rights of the webserver.
74849428a088e248caf5775fc100bbbb2aa65fc2d2b0257a92f72ae1150aacd1
Horde Application Framework versions 3.2.4 and below suffer from a Horde_Form_Type_image arbitrary file overwrite vulnerability.
6b36254b02daaded256bbf6076bafdff753a55113f60cdbc47ec7d1dfe52ffb0