• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Horde IMP Email Attachments HTML Injection Vulnerability

Bugtraq ID:	15730
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Dec 06 2005 12:00AM
Updated:	Dec 06 2005 12:00AM
Credit:	The vendor credits SEC Consult with the discovery of this vulnerability.
Vulnerable:	Horde IMP 4.0.4 Horde IMP 4.0.3 Horde IMP 4.0.2 Horde IMP 4.0.1 Horde IMP 4.0 Horde IMP 3.2.5 Horde IMP 3.2.4 Horde IMP 3.2.3 Horde IMP 3.2.2 Horde IMP 3.2.1 Horde IMP 3.2 Horde IMP 3.1.2 Horde IMP 3.1 Horde IMP 3.0 Horde IMP 2.3 Horde IMP 2.2.8 + Conectiva Linux 8.0 + Conectiva Linux 7.0 + Horde Horde 1.2.8 Horde IMP 2.2.7 - Caldera OpenLinux Server 3.1.1 - Caldera OpenLinux Server 3.1 - Conectiva Linux 7.0 - Conectiva Linux 6.0 - Conectiva Linux 5.1 - Conectiva Linux 5.0 + Horde Horde 1.2.7 Horde IMP 2.2.6 - Conectiva Linux 7.0 - Conectiva Linux 6.0 - Conectiva Linux 5.1 - Conectiva Linux 5.0 - Debian Linux 2.2 + Horde Horde 1.2.6 Horde IMP 2.2.5 + Caldera OpenLinux Server 3.1 - Conectiva Linux 7.0 - Conectiva Linux 6.0 - Conectiva Linux 5.1 - Conectiva Linux 5.0 + Horde Horde 1.2.5 Horde IMP 2.2.4 + Caldera OpenLinux Server 3.1 + Horde Horde 1.2.4 Horde IMP 2.2.3 + Horde Horde 1.2.3 Horde IMP 2.2.2 + Horde Horde 1.2.2 Horde IMP 2.2.1 + Horde Horde 1.2.1 Horde IMP 2.2 + Horde Horde 1.2 Horde IMP 2.0 - PHP PHP 4.0.1 pl2 - PHP PHP 4.0.1 - PHP PHP 4.0 0 - PHP PHP 3.0.16
Not Vulnerable: