Explore top 10 tips to secure your open-source projects now. Read More
×Gentoo Linux Security Advisory GLSA 200701-11
https://security.gentoo.org/
Severity: Low
Title: Kronolith: Local file inclusion
Date: January 16, 2007
Bugs: #156627
ID: 200701-11
Synopsis
=======
Kronolith contains a flaw that could allow the execution of arbitrary
files.
Background
=========
Kronolith is a web-based calendar which relies on the Horde Framework
for integration with other applications.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-apps/horde-kronolith < 2.1.4 >= 2.1.4
==========
Kronolith contains a mistake in lib/FBView.php where a raw, unfiltered
string is used instead of a sanitized string to view local files.
Impact
=====
An authentica...
style>.gentoo_availability{display:block;}
Get the latest Linux and open source security news straight to your inbox.