CVE-2007-6018

NONECVSS 0.0

0.0

IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and Horde Groupware Webmail Edition 1.0.3 does not validate unspecified HTTP requests, which allows remote attackers to (1) delete arbitrary e-mail messages via a modified numeric ID or (2) "purge" deleted emails via a crafted email message.

🔗 References (38)

PSIRT-CNA@flexerasoftwarehttp://cvs.horde.org/diff.php/groupware/docs/groupware/CHANGES?r1=1.17&r2=1.17.2.1&ty=h
PSIRT-CNA@flexerasoftwarehttp://cvs.horde.org/diff.php/groupware/docs/webmail/CHANGES?r1=1.12&r2=1.12.2.1&ty=h
PSIRT-CNA@flexerasoftwarehttp://lists.horde.org/archives/announce/2008/000360.html
PSIRT-CNA@flexerasoftwarehttp://lists.horde.org/archives/announce/2008/000365.html
PSIRT-CNA@flexerasoftwarehttp://lists.horde.org/archives/announce/2008/000366.html
PSIRT-CNA@flexerasoftwarehttp://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html
PSIRT-CNA@flexerasoftwarehttp://secunia.com/advisories/28020
PSIRT-CNA@flexerasoftwarehttp://secunia.com/advisories/28546
PSIRT-CNA@flexerasoftwarehttp://secunia.com/advisories/29184
PSIRT-CNA@flexerasoftwarehttp://secunia.com/advisories/29185
PSIRT-CNA@flexerasoftwarehttp://secunia.com/advisories/29186
PSIRT-CNA@flexerasoftwarehttp://secunia.com/advisories/34418
PSIRT-CNA@flexerasoftwarehttp://secunia.com/secunia_research/2007-102/advisory/
PSIRT-CNA@flexerasoftwarehttp://www.debian.org/security/2008/dsa-1470
PSIRT-CNA@flexerasoftwarehttp://www.securityfocus.com/bid/27223

Is Your Infrastructure Affected by CVE-2007-6018?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-6018

📅 Published

🔄 Last Modified

🔗 References (38)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-6018?