Horde IMP Script Insertion

2004-08-03T06:24:13
ID OSVDB:8293
Type osvdb
Reporter OSVDB
Modified 2004-08-03T06:24:13

Description

Vulnerability Description

Horde IMP contains a flaw that allows a remote scripting attack. This issue is due to an input validation error in the IE HTML viewer. An Internet Explorer technology called HTML+TIME (based on SMIL)could be invoked to manipulate any attribute on an element via special control elements to execute malicious scripting code. This allows a remote attacker to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Technical Description

This issues is a variant of an older vulnerability reported by GreyMagic in Hotmail's and Yahoo's web-based email services.

Solution Description

Upgrade to version 3.2.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Horde IMP contains a flaw that allows a remote scripting attack. This issue is due to an input validation error in the IE HTML viewer. An Internet Explorer technology called HTML+TIME (based on SMIL)could be invoked to manipulate any attribute on an element via special control elements to execute malicious scripting code. This allows a remote attacker to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

References:

Secunia Advisory ID:12258 Secunia Advisory ID:12202 Other Advisory URL: http://cvs.horde.org/diff.php/imp/docs/CHANGES?r1=1.389.2.106&r2=1.389.2.109&ty=h Other Advisory URL: http://security.gentoo.org/glsa/glsa-200408-07.xml Other Advisory URL: http://www.greymagic.com/security/advisories/gm005-mc/ CVE-2004-1443