CVE-2001-1258

Published: Jul 21, 2001Modified: Apr 16, 2026

3.6

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:N

Exploitability: 3.9 / Impact: 4.9

Source: NVD

Description

Horde Internet Messaging Program (IMP) before 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server.

Affected (7)

Products: Horde: Imp

1 product

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Horde Imp	Version 2.0
Horde Imp	Version 2.2.1
Horde Imp	Version 2.2.2
Horde Imp	Version 2.2.3
Horde Imp	Version 2.2.4
Horde Imp	Version 2.2.5
Horde Imp	Version 2.2

References (14)

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000410

Source: cve@mitre.org

http://online.securityfocus.com/archive/1/198495

Source: cve@mitre.org

http://online.securityfocus.com/archive/1/198495

Source: cve@mitre.org

http://www.caldera.com/support/security/advisories/CSSA-2001-027.0.txt

Source: cve@mitre.org

Vendor Advisory

http://www.debian.org/security/2001/dsa-073

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://www.iss.net/security_center/static/6906.php

Source: cve@mitre.org

http://www.securityfocus.com/bid/3083

Source: cve@mitre.org

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000410

Source: af854a3a-2127-422b-91ae-364da2661108

http://online.securityfocus.com/archive/1/198495

Source: af854a3a-2127-422b-91ae-364da2661108

http://online.securityfocus.com/archive/1/198495

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.caldera.com/support/security/advisories/CSSA-2001-027.0.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.debian.org/security/2001/dsa-073

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchVendor Advisory

http://www.iss.net/security_center/static/6906.php

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3083

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.