CVE Vulnerabilities

CVE-2007-6018

Published: Jan 11, 2008 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and Horde Groupware Webmail Edition 1.0.3 does not validate unspecified HTTP requests, which allows remote attackers to (1) delete arbitrary e-mail messages via a modified numeric ID or (2) purge deleted emails via a crafted email message.

Affected Software

Name Vendor Start Version End Version
Horde Horde 3.1.5 3.1.5
Framework Horde 3.1.5 3.1.5
Groupware_webmail_edition Horde 1.0.3 1.0.3
Imp Horde 4.1.5 4.1.5

References