Monthly Archives: March 2008

SECURITY ADVISORY: Official Horde Update to 3.1.7 and upgrades to cPanel's PHP application security model

Summary: The Horde webmail application framework has been updated to 3.1.7. Upgrades have been made in cPanel’s PHP application security model. Description: The Horde webmail application framework has been updated to 3.1.7 for the official fix to the previously announced arbitrary file inclusion vulnerability. cPanel has also made upgrades in …

Posted in News, Security | Tagged:

SECURITY ALERT: Horde arbitrary file inclusion vulnerability.

An arbitrary file inclusion vulnerability has been discovered in the Horde webmail application. At present, we can confirm that this security vulnerability in question affects Horde 3.1.6 and earlier. Based on incomplete information at this time, we also believe this affects Horde Groupware 1.0.4 and earlier as well (cPanel does …

Posted in News, Security | Tagged: ,