Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2008-1284

Disclosure Date: March 11, 2008
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Directory traversal vulnerability in Horde 3.1.6, Groupware before 1.0.5, and Groupware Webmail Edition before 1.0.6, when running with certain configurations, allows remote authenticated users to read and execute arbitrary files via “..” sequences and a null byte in the theme name.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

References

Additional Info

Technical Analysis