CVE Vulnerabilities

CVE-2001-1258

Published: Jul 21, 2001 | Modified: Mar 08, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
3.6 LOW
AV:L/AC:L/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Horde Internet Messaging Program (IMP) before 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server.

Affected Software

Name Vendor Start Version End Version
Imp Horde 2.0 (including) 2.0 (including)
Imp Horde 2.2 (including) 2.2 (including)
Imp Horde 2.2.1 (including) 2.2.1 (including)
Imp Horde 2.2.2 (including) 2.2.2 (including)
Imp Horde 2.2.3 (including) 2.2.3 (including)
Imp Horde 2.2.4 (including) 2.2.4 (including)
Imp Horde 2.2.5 (including) 2.2.5 (including)

References