Argument Injection Vulnerability in Horde Project and IMP Affecting Local Users
CVE-2007-1474

Currently unrated

Key Information:

Vendor

Horde

Vendor
CVE Published:
16 March 2007

What is CVE-2007-1474?

An argument injection vulnerability exists in the cleanup cron script of the Horde Application Framework and IMP prior to version 3.1.4. This flaw allows local users to manipulate multiple space-delimited pathnames, leading to arbitrary file deletion. In some cases, this can be exploited to gain elevated privileges, posing a significant risk to the integrity of the system and its data. Proper security measures and updates should be applied to prevent potential exploitation.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.