CVE-2017-9774

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-9774

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-9774.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-9774

Related

Published

2017-06-21T18:29:00Z

Modified

2025-04-20T04:06:18.651257Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Remote Code Execution was found in Horde_Image 2.x before 2.5.0 via a crafted GET request. Exploitation requires authentication.

References

Affected packages

Debian:11 / php-horde-image

Package

Name: php-horde-image
Purl: pkg:deb/debian/php-horde-image?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.5.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / php-horde-image

Package

Name: php-horde-image
Purl: pkg:deb/debian/php-horde-image?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.5.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/horde/image

Affected ranges

Type: GIT
Repo: https://github.com/horde/image
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

0540a42c75537d2f17b93bd94567e792e395638f

Last affected

14f5fefec78a176ccbaa4b08bcb0cdb951ab0155

Last affected

1f191a196aa98c9fd77828f89ab41e0fda94f3af

Last affected

4fde53e3d477389168a53adfb3cdbd5b6e2ce00f

Last affected

75eae6b5645d3c8aafc486434d9f63758dfa82c0

Last affected

7950460b6b98ff288d1cf391a228d21f762cecaa

Last affected

7f85046c1413be7ebf89b93741e08d21964f4de8

Last affected

85627628b2a0d53004535a4661c73e9b3e30b226

Last affected

85ef1c62edaefcd5c4fc35a4aae74e29c603e747

Last affected

89747700ab2d17b71cd57be028c5671d227ac703

Last affected

9783742083e8a5d30b7de6573f2fe325f22c992d

Last affected

a7690ec10055f5971279b4165dc7b2b18bba74ac

Last affected

b37f7b9c5186ed04f75e323bf648a35615498d79

Last affected

c5883d87488fa88e57aad72c5f4531db604888ce

Last affected

d147ecb535a9e2014dd1372ae70e175b9edb583a

Last affected

dca802cdc33e44998204fe0cd992f2eca42d93a6

Last affected

ddf14bd3018cd2ac440fb43ed419ccdd5a291f62

Last affected

e4b2b3a7a51e61665e8baee0e93b8f723f94c70b

Last affected

ebd52aa26ce90b149f127965016299aac9e943fb

Last affected

efd964ce7893d68e98271f3851a2efbc44915e80

Last affected

f385841c94851f191f2f4ac275f818fc3689bd6f

Last affected

f3a5e4c66f4c45e36f23eec186ed9773b891b361

Last affected

fafaed7c8c76acb416dcb6ab4b81a11301e5a153

Last affected

fbaf6caa9699ed423c9678ddb705144ac37f286e

Affected versions

v1.*

v1.0.0

v1.0.0beta1

v1.0.0rc1

v1.0.0rc2

v1.0.1

v1.0.10

v1.0.2

v1.0.3

v1.0.4

v1.0.6

v1.0.7

v1.0.8

v1.0.9

v2.*

v2.0.0

v2.0.0alpha1

v2.0.0beta1

v2.0.0beta2

v2.0.1

v2.0.2

v2.0.3

v2.0.4

v2.0.5

v2.0.6

v2.0.7

v2.0.8

v2.0.9

v2.1.0

v2.2.0

v2.3.0