CVE Vulnerabilities

CVE-2007-1474

Published: Mar 16, 2007 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Argument injection vulnerability in the cleanup cron script in Horde Project Horde and IMP before Horde Application Framework 3.1.4 allows local users to delete arbitrary files and possibly gain privileges via multiple space-delimited pathnames.

Affected Software

Name Vendor Start Version End Version
Imp Horde 2.2.7 2.2.7
Imp Horde 2.2.5 2.2.5
Horde_application_framework Horde 3.0.0 3.0.0
Imp Horde 3.1 3.1
Horde_application_framework Horde 3.0.4 3.0.4
Imp Horde 3.2.4 3.2.4
Imp Horde 3.1.2 3.1.2
Imp Horde 2.2.1 2.2.1
Imp Horde 3.2.2 3.2.2
Imp Horde 2.2.2 2.2.2
Imp Horde 2.2.4 2.2.4
Imp Horde 2.0 2.0
Imp Horde 2.2.6 2.2.6
Imp Horde 3.2.3 3.2.3
Imp Horde 3.2.5 3.2.5
Imp Horde 3.2.6 3.2.6
Imp Horde 2.2 2.2
Imp Horde 2.3 2.3
Imp Horde 3.2 3.2
Imp Horde 2.2.8 2.2.8
Imp Horde 2.2.3 2.2.3
Horde_application_framework Horde 3.1.3 3.1.3
Imp Horde 3.0 3.0
Imp Horde 3.2.1 3.2.1

References