Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 569
Alerts This Week
Warning Icon 1 569

Gentoo: GLSA-200701-11 Low Severity: Kronolith Local File Inclusion Threat

gentoo
Calendar Grey January 17, 2007
Dist Gentoo Esm H88
In Gentoo's GLSA 202110-20, a minor vulnerability is identified in Horde's Whups that can lead to unauthorized access concerns.
Kronolith contains a flaw that could allow the execution of arbitrary files.

Summary

Gentoo Linux Security Advisory GLSA 200701-11 https://security.gentoo.org/ Severity: Low Title: Kronolith: Local file inclusion Date: January 16, 2007 Bugs: #156627 ID: 200701-11

Synopsis ======= Kronolith contains a flaw that could allow the execution of arbitrary files.
Background ========= Kronolith is a web-based calendar which relies on the Horde Framework for integration with other applications.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-apps/horde-kronolith < 2.1.4 >= 2.1.4
========== Kronolith contains a mistake in lib/FBView.php where a raw, unfiltered string is used instead of a sanitized string to view local files.
Impact ===== An authentica...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
low
Lowest
Low
Medium
High
Critical

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround