1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: Horde Groupware Sources Packages Backdoor CVE-2012-0209

Attack: Horde Groupware Sources Packages Backdoor CVE-2012-0209

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to access a backdoor in Horde Groupware which could result in arbitrary code execution.

Additional Information

Horde Groupware is a web-based collaboration suite implemented in PHP.

Horde Groupware is prone to a backdoor vulnerability. This issue occurs because the Horde Groupware source code repository was compromised and replaced with source code packages that contain a backdoor.

Attackers can exploit this issue to execute arbitrary code in the context of the application. Successful attacks will compromise the affected application.

Affected

  • Horde Groupware versions 1.2.10 between November 2, 2011, and February 7, 2012, are vulnerable.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube