Candidate: CVE-2020-8866
PublicDate: 2020-03-23 21:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8866
 https://lists.horde.org/archives/announce/2020/001288.html
 https://www.zerodayinitiative.com/advisories/ZDI-20-275/
 https://github.com/horde/Form/commit/813f8e7e9479fad4546b89c569325ee9eef60b0f
Description:
 This vulnerability allows remote attackers to create arbitrary files on
 affected installations of Horde Groupware Webmail Edition 5.2.22.
 Authentication is required to exploit this vulnerability. The specific flaw
 exists within add.php. The issue results from the lack of proper validation
 of user-supplied data, which can allow the upload of arbitrary files. An
 attacker can leverage this in conjunction with other vulnerabilities to
 execute code in the context of the www-data user. Was ZDI-CAN-10125.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955020
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N [6.5 MEDIUM]


Patches_php-horde-form:
upstream_php-horde-form: needs-triage
precise/esm_php-horde-form: DNE
trusty_php-horde-form: ignored (out of standard support)
trusty/esm_php-horde-form: DNE
xenial_php-horde-form: ignored (end of standard support, was needs-triage)
bionic_php-horde-form: needs-triage
eoan_php-horde-form: ignored (reached end-of-life)
focal_php-horde-form: DNE
groovy_php-horde-form: DNE
hirsute_php-horde-form: DNE
impish_php-horde-form: DNE
jammy_php-horde-form: DNE
devel_php-horde-form: DNE