|
|
Horde IMP Email Header HTML Injection Vulnerability
|
Bugtraq ID:
|
10501
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
CAN-2004-0584
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Jun 09 2004 12:00AM
|
|
Updated:
|
Jun 09 2004 12:00AM
|
|
Credit:
|
This issue was disclosed by the vendor in the referenced web advisory. Roman Medina-Heigl Hernandez <roman@rs-labs.com> originally found this issue in SquirrelMail.
|
|
Vulnerable:
|
Horde IMP 3.2.3
Horde IMP 3.2.2
Horde IMP 3.2.1
Horde IMP 3.2
Horde IMP 3.1.2
Horde IMP 3.1
Horde IMP 3.0
Horde IMP 2.3
Horde IMP 2.2.8
+
Conectiva Linux 8.0
+
Conectiva Linux 7.0
+
Horde Horde 1.2.8
Horde IMP 2.2.7
-
Caldera OpenLinux Server 3.1.1
-
Caldera OpenLinux Server 3.1
-
Conectiva Linux 7.0
-
Conectiva Linux 6.0
-
Conectiva Linux 5.1
-
Conectiva Linux 5.0
+
Horde Horde 1.2.7
Horde IMP 2.2.6
-
Conectiva Linux 7.0
-
Conectiva Linux 6.0
-
Conectiva Linux 5.1
-
Conectiva Linux 5.0
-
Debian Linux 2.2
+
Horde Horde 1.2.6
Horde IMP 2.2.5
+
Caldera OpenLinux Server 3.1
-
Conectiva Linux 7.0
-
Conectiva Linux 6.0
-
Conectiva Linux 5.1
-
Conectiva Linux 5.0
+
Horde Horde 1.2.5
Horde IMP 2.2.4
+
Caldera OpenLinux Server 3.1
+
Horde Horde 1.2.4
Horde IMP 2.2.3
+
Horde Horde 1.2.3
Horde IMP 2.2.2
+
Horde Horde 1.2.2
Horde IMP 2.2.1
+
Horde Horde 1.2.1
Horde IMP 2.2
+
Horde Horde 1.2
Horde IMP 2.0
-
PHP PHP 4.0.1 pl2
-
PHP PHP 4.0.1
-
PHP PHP 4.0 0
-
PHP PHP 3.0.16
|
|
|
|
Not Vulnerable:
|
Horde IMP 3.2.4
|
|
|
