CVE-2014-2027

Related Files

Gentoo Linux Security Advisory 201711-12

Posted Nov 13, 2017

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201711-12 - Multiple vulnerabilities have been found in eGroupWare, the worst of which allows remote attackers to execute arbitrary code. Versions less than 1.8.004.20120613 are affected.

tags | advisory, remote, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2014-2027

SHA-256 | 37744d37c65dfee73209d39dfc358adb6757ead24256f4aed09c5774cf263a63

Download | Favorite | View

Mandriva Linux Security Advisory 2015-087

Posted Mar 30, 2015

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-087 - eGroupware prior to 1.8.006.20140217 is vulnerable to remote file deletion and possible remote code execution due to user input being passed to PHP's unserialize() method. eGroupWare before 1.8.007 allows logged in users with administrative privileges to remotely execute arbitrary commands on the server. It is also vulnerable to a cross site request forgery vulnerability that allows creating new administrative users.

tags | advisory, remote, arbitrary, php, code execution, csrf

systems | linux, mandriva

advisories | CVE-2014-2027

SHA-256 | 574fe6d4c54586156bb4f27078d034bf2e81e5dc942e3eff6ea39230993dfeca

Download | Favorite | View

Egroupware 1.8.005 PHP Object Insertion

Posted Feb 21, 2014

Authored by Pedro Ribeiro

Egroupware versions 1.8.005 and below suffer from a PHP object insertion vulnerability that can allow for arbitrary file deletion and possibly code execution.

tags | exploit, arbitrary, php, code execution

advisories | CVE-2014-2027

SHA-256 | 6acf0c7bb78bf16c4e7a80bf94295df8ed76adf8b9f716ddf1396c8f075f25e8

Download | Favorite | View