Vulnerability Details CVE-2007-1474
Argument injection vulnerability in the cleanup cron script in Horde Project Horde and IMP before Horde Application Framework 3.1.4 allows local users to delete arbitrary files and possibly gain privileges via multiple space-delimited pathnames.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 81.2%
CVSS Severity
CVSS v2 Score 6.8
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=489
- http://lists.horde.org/archives/announce/2007/000315.html
- http://secunia.com/advisories/27565
- http://www.debian.org/security/2007/dsa-1406
- http://www.securityfocus.com/bid/22985
- http://www.securitytracker.com/id?1017784
- http://www.securitytracker.com/id?1017785
- http://www.vupen.com/english/advisories/2007/0965
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32997
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=489
- http://lists.horde.org/archives/announce/2007/000315.html
- http://secunia.com/advisories/27565
- http://www.debian.org/security/2007/dsa-1406
- http://www.securityfocus.com/bid/22985
- http://www.securitytracker.com/id?1017784
- http://www.securitytracker.com/id?1017785
- http://www.vupen.com/english/advisories/2007/0965
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32997
Products affected by CVE-2007-1474
-
cpe:2.3:a:horde:horde_application_framework:3.0.0
-
cpe:2.3:a:horde:horde_application_framework:3.0.4
-
cpe:2.3:a:horde:horde_application_framework:3.1.3
-
cpe:2.3:a:horde:imp:2.0
-
cpe:2.3:a:horde:imp:2.2
-
cpe:2.3:a:horde:imp:2.2.1
-
cpe:2.3:a:horde:imp:2.2.2
-
cpe:2.3:a:horde:imp:2.2.3
-
cpe:2.3:a:horde:imp:2.2.4
-
cpe:2.3:a:horde:imp:2.2.5
-
cpe:2.3:a:horde:imp:2.2.6
-
cpe:2.3:a:horde:imp:2.2.7
-
cpe:2.3:a:horde:imp:2.2.8
-
cpe:2.3:a:horde:imp:2.3
-
cpe:2.3:a:horde:imp:3.0
-
cpe:2.3:a:horde:imp:3.1
-
cpe:2.3:a:horde:imp:3.1.2
-
cpe:2.3:a:horde:imp:3.2
-
cpe:2.3:a:horde:imp:3.2.1
-
cpe:2.3:a:horde:imp:3.2.2
-
cpe:2.3:a:horde:imp:3.2.3
-
cpe:2.3:a:horde:imp:3.2.4
-
cpe:2.3:a:horde:imp:3.2.5
-
cpe:2.3:a:horde:imp:3.2.6