CVE Vulnerabilities

CVE-2008-7219

Published: Sep 13, 2009 | Modified: Apr 05, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and H3 2.2 before 2.2-RC2; Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 does not validate ownership when performing share changes, which has unknown impact and attack vectors.

Affected Software

Name Vendor Start Version End Version
Groupware Horde 1.0 1.0
Groupware Horde 1.0.1 1.0.1
Groupware Horde 1.0.2 1.0.2
Groupware Horde 1.1 1.1
Groupware_webmail_edition Horde 1.0 1.0
Groupware_webmail_edition Horde 1.0.2 1.0.2
Groupware_webmail_edition Horde 1.0.3 1.0.3
Groupware_webmail_edition Horde 1.1 1.1
Kronolith_h3 Horde 2.1 2.1
Kronolith_h3 Horde 2.1.1 2.1.1
Kronolith_h3 Horde 2.1.2 2.1.2
Kronolith_h3 Horde 2.1.3 2.1.3
Kronolith_h3 Horde 2.1.4 2.1.4
Kronolith_h3 Horde 2.1.5 2.1.5
Kronolith_h3 Horde 2.1.6 2.1.6
Kronolith_h3 Horde 2.2 2.2
Mnemo_h3 Horde 2.1 2.1
Mnemo_h3 Horde 2.1.1 2.1.1
Mnemo_h3 Horde 2.2 2.2
Nag_h3 Horde 2.1 2.1
Nag_h3 Horde 2.1.1 2.1.1
Nag_h3 Horde 2.1.2 2.1.2
Nag_h3 Horde 2.1.3 2.1.3
Nag_h3 Horde 2.2 2.2
Kronolith2 Ubuntu dapper *
Kronolith2 Ubuntu hardy *
Kronolith2 Ubuntu upstream *

References