CVE Vulnerabilities

CVE-2003-0025

Published: Jan 17, 2003 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3.

Affected Software

Name Vendor Start Version End Version
Imp Horde 2.2 2.2
Imp Horde 2.2.1 2.2.1
Imp Horde 2.2.2 2.2.2
Imp Horde 2.2.3 2.2.3
Imp Horde 2.2.4 2.2.4
Imp Horde 2.2.5 2.2.5
Imp Horde 2.2.6 2.2.6
Imp Horde 2.2.7 2.2.7
Imp Horde 2.2.8 2.2.8

References