The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to conduct object injection attacks and execute arbitrary PHP code via a crafted serialized object in the _formvars form.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2014-04-01T15:00:00
Updated: 2024-08-06T09:50:10.620Z
Reserved: 2014-01-28T00:00:00
Link: CVE-2014-1691
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-04-01T15:55:06.363
Modified: 2024-11-21T02:04:50.083
Link: CVE-2014-1691
Redhat
No data.