CVE-2001-1258
Published Jul 21, 2001
Last updated 14 years ago
Overview
- Description
- Horde Internet Messaging Program (IMP) before 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 3.6
- Impact score
- 4.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:horde:imp:2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8D2A8C5B-6155-4B40-B8C8-B4944064E3DF"
},
{
"criteria": "cpe:2.3:a:horde:imp:2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D11E08A4-79D6-46FE-880F-66E9778C298E"
},
{
"criteria": "cpe:2.3:a:horde:imp:2.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55A3894F-2E3F-49CA-BEE5-759D603F6EAD"
},
{
"criteria": "cpe:2.3:a:horde:imp:2.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FDDBDC41-7E6F-4C97-95BD-7DEB2D9FE837"
},
{
"criteria": "cpe:2.3:a:horde:imp:2.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B52D447-8E56-4E04-9650-38D222DA8D2C"
},
{
"criteria": "cpe:2.3:a:horde:imp:2.2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1C455353-0401-4975-89BC-C23D32A684F0"
},
{
"criteria": "cpe:2.3:a:horde:imp:2.2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1D9D9E1-D8B7-4A56-BC2F-90BDC97322B5"
}
],
"operator": "OR"
}
]
}
]