CVE-2007-1474
Horde Framework and IMP 2.x/3.x - Cleanup Cron Script Arbitrary File Deletion
Severity Score
6.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Argument injection vulnerability in the cleanup cron script in Horde Project Horde and IMP before Horde Application Framework 3.1.4 allows local users to delete arbitrary files and possibly gain privileges via multiple space-delimited pathnames.
Vulnerabilidad de inyección de argumento en la secuencia de comandos cleanup para cron de Horde Project Horde e IMP anterior a Horde Application Framework 3.1.4 permite a usuarios locales borrar archivos de su elección y posiblemente obtener privilegios mediante múltiples nombres de ruta separados por espacios.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-03-15 First Exploit
- 2007-03-16 CVE Reserved
- 2007-03-16 CVE Published
- 2024-01-18 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (10)
URL | Tag | Source |
---|---|---|
http://secunia.com/advisories/27565 | Third Party Advisory | |
http://www.securityfocus.com/bid/22985 | Vdb Entry | |
http://www.securitytracker.com/id?1017784 | Vdb Entry | |
http://www.securitytracker.com/id?1017785 | Vdb Entry | |
http://www.vupen.com/english/advisories/2007/0965 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/32997 | Vdb Entry |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/29746 | 2007-03-15 |
URL | Date | SRC |
---|---|---|
http://lists.horde.org/archives/announce/2007/000315.html | 2017-07-29 |
URL | Date | SRC |
---|---|---|
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=489 | 2017-07-29 | |
http://www.debian.org/security/2007/dsa-1406 | 2017-07-29 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Horde Search vendor "Horde" | Horde Application Framework Search vendor "Horde" for product "Horde Application Framework" | 3.0.0 Search vendor "Horde" for product "Horde Application Framework" and version "3.0.0" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Horde Application Framework Search vendor "Horde" for product "Horde Application Framework" | 3.0.4 Search vendor "Horde" for product "Horde Application Framework" and version "3.0.4" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Horde Application Framework Search vendor "Horde" for product "Horde Application Framework" | 3.1.3 Search vendor "Horde" for product "Horde Application Framework" and version "3.1.3" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 2.0 Search vendor "Horde" for product "Imp" and version "2.0" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 2.2 Search vendor "Horde" for product "Imp" and version "2.2" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 2.2.1 Search vendor "Horde" for product "Imp" and version "2.2.1" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 2.2.2 Search vendor "Horde" for product "Imp" and version "2.2.2" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 2.2.3 Search vendor "Horde" for product "Imp" and version "2.2.3" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 2.2.4 Search vendor "Horde" for product "Imp" and version "2.2.4" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 2.2.5 Search vendor "Horde" for product "Imp" and version "2.2.5" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 2.2.6 Search vendor "Horde" for product "Imp" and version "2.2.6" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 2.2.7 Search vendor "Horde" for product "Imp" and version "2.2.7" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 2.2.8 Search vendor "Horde" for product "Imp" and version "2.2.8" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 2.3 Search vendor "Horde" for product "Imp" and version "2.3" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 3.0 Search vendor "Horde" for product "Imp" and version "3.0" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 3.1 Search vendor "Horde" for product "Imp" and version "3.1" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 3.1.2 Search vendor "Horde" for product "Imp" and version "3.1.2" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 3.2 Search vendor "Horde" for product "Imp" and version "3.2" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 3.2.1 Search vendor "Horde" for product "Imp" and version "3.2.1" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 3.2.2 Search vendor "Horde" for product "Imp" and version "3.2.2" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 3.2.3 Search vendor "Horde" for product "Imp" and version "3.2.3" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 3.2.4 Search vendor "Horde" for product "Imp" and version "3.2.4" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 3.2.5 Search vendor "Horde" for product "Imp" and version "3.2.5" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 3.2.6 Search vendor "Horde" for product "Imp" and version "3.2.6" | - |
Affected
|