Moole Vulnerability Database

Find real vulnerabilities before they ship

Unknown

CVE-2001-1258

Horde Internet Messaging Program (IMP) before 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server.

PublishedJul 21, 2001, 04:00

Published Bycve@mitre.org

Affected Versions

No affected versions found.

References

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000410
http://online.securityfocus.com/archive/1/198495
http://www.caldera.com/support/security/advisories/CSSA-2001-027.0.txt
http://www.debian.org/security/2001/dsa-073
http://www.iss.net/security_center/static/6906.php
http://www.securityfocus.com/bid/3083

Weakness Type

NVD-CWE-Other

CVSS Metrics

Base Score

3.6

Vector String

AV:L/AC:L/Au:N/C:P/I:P/A:N

Base SeverityUnknown

Version

2.0

Attack Vector (AV)