CVE-2003-0025

Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:horde:imp:2.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:2.2.6:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:2.2.7:*:*:*:*:*:*:*
cpe:2.3:a:horde:imp:2.2.8:*:*:*:*:*:*:*

History

20 Nov 2024, 23:43

Type Values Removed Values Added
References () http://marc.info/?l=bugtraq&m=104204786206563&w=2 - () http://marc.info/?l=bugtraq&m=104204786206563&w=2 -
References () http://secunia.com/advisories/8087 - () http://secunia.com/advisories/8087 -
References () http://secunia.com/advisories/8177 - () http://secunia.com/advisories/8177 -
References () http://www.debian.org/security/2003/dsa-229 - Patch, Vendor Advisory () http://www.debian.org/security/2003/dsa-229 - Patch, Vendor Advisory
References () http://www.securityfocus.com/archive/1/306268 - () http://www.securityfocus.com/archive/1/306268 -
References () http://www.securityfocus.com/bid/6559 - () http://www.securityfocus.com/bid/6559 -
References () http://www.securitytracker.com/id?1005904 - () http://www.securitytracker.com/id?1005904 -

Information

Published : 2003-01-17 05:00

Updated : 2024-11-20 23:43


NVD link : CVE-2003-0025

Mitre link : CVE-2003-0025

CVE.ORG link : CVE-2003-0025


JSON object : View

Products Affected

horde

  • imp