CVE-2007-6018 - CVE Reference - Advisories

CVE Reference: CVE-2007-6018

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-6018

Description: IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and Horde Groupware Webmail Edition 1.0.3 does not validate unspecified HTTP requests, which allows remote attackers to (1) delete arbitrary e-mail messages via a modified numeric ID or (2) "purge" deleted emails via a crafted email message.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/39595 SAID Secunia Advisory: SA28020 Secunia Advisory: SA28546 Secunia Advisory: SA29184 Secunia Advisory: SA29185 Secunia Advisory: SA29186 MLIST http://lists.horde.org/archives/announce/2008/000360.html MISC http://secunia.com/secunia_research/2007-102/advisory/ FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1470 CONFIRM BID 27223

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	OpenBSD BIND Query Port DNS Cache Poisoning

2.	Red Hat update for kernel

3.	Drupal Session Fixation Vulnerability

4.	Debian update for clamav

5.	Linux Kernel LDT Buffer Size Handling Vulnerability

6.	IPCop update for perl

7.	Ubuntu update for php

8.	Debian update for xulrunner

9.	dnsmasq Denial of Service and DNS Cache Poisoning

10.	Apple Safari Cross-Domain Cookie Injection Vulnerability