Name | CVE-2009-4824 |
Description | Unspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab Server before 2.2.3 allows attackers to have an unspecified impact via vectors related to an "image upload form." |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
References | DSA-1897-1 |
The information below is based on the following data on fixed versions.
Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
---|---|---|---|---|---|---|
horde3 | source | etch | 3.1.3-4etch6 | DSA-1897-1 | ||
horde3 | source | lenny | 3.2.2+debian0-2+lenny1 | DSA-1897-1 | ||
horde3 | source | (unstable) | 3.3.5+debian0-1 | |||
kolab-webclient | source | (unstable) | undetermined |
package only in experimental; claimed fixed in version 20091202, but not enough info to check
http://kolab.org/cgi-bin/viewcvs-kolab.cgi/*checkout*/server/patches/horde-webmail/1.2.0/tg/Attic/t_framework_H_JS_Form_FixFormSecurityForImageUploads.diff?rev=1.1.2.1&only_with_tag=kolab_2_2_branch