321 matches found
[SECURITY] Fedora 21 Update: php-horde-ingo-3.2.7-1.fc21
Ingo is an email-filter management application. It is fully internationalized, integrated with Horde and the IMP Webmail client, and supports both server-side Sieve, Procmail, Maildrop and client-side IMAP message filtering...
[SECURITY] Fedora 21 Update: php-horde-imp-6.2.11-1.fc21
IMP, the Internet Mail Program, is one of the most popular and widely deployed open source webmail applications in the world. It allows universal, web-based access to IMAP and POP3 mail servers and provides Ajax, mobile and traditional interfaces with a rich range of features normally found only ...
[SECURITY] Fedora 22 Update: php-horde-imp-6.2.11-1.fc22
IMP, the Internet Mail Program, is one of the most popular and widely deployed open source webmail applications in the world. It allows universal, web-based access to IMAP and POP3 mail servers and provides Ajax, mobile and traditional interfaces with a rich range of features normally found only ...
[SECURITY] Fedora 22 Update: php-horde-ingo-3.2.7-1.fc22
Ingo is an email-filter management application. It is fully internationalized, integrated with Horde and the IMP Webmail client, and supports both server-side Sieve, Procmail, Maildrop and client-side IMAP message filtering...
[SECURITY] Fedora 23 Update: php-horde-imp-6.2.11-1.fc23
IMP, the Internet Mail Program, is one of the most popular and widely deployed open source webmail applications in the world. It allows universal, web-based access to IMAP and POP3 mail servers and provides Ajax, mobile and traditional interfaces with a rich range of features normally found only ...
The vulnerability of the OpenSUSE operating system allows attackers to compromise the integrity of protected information.
The vulnerability of the horde3-imp package in the OpenSUSE operating system can lead to a breach of protected information. This vulnerability can be exploited remotely...
UBUNTU-CVE-2015-2788
Multiple stack-based buffer overflows in the ibfillisqlda function in dbdimp.c in DBD-Firebird before 1.19 allow remote attackers to have unspecified impact via unknown vectors that trigger an error condition, related to binding octets to columns...
DEBIAN-CVE-2014-4946
Multiple cross-site scripting XSS vulnerabilities in Horde Internet Mail Program IMP before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via 1 unspecified flags or 2 a mailbox name in the dynamic mailbox view...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Horde Internet Mail Program IMP before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via 1 unspecified flags or 2 a mailbox name in the dynamic mailbox view...
CVE-2014-4945
CVE-2014-4945 : Concrete details across multiple sources show multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5. The issue allows remote attackers to inject arbitrary web script or HTML vi...
CVE-2014-4946
Multiple cross-site scripting XSS vulnerabilities in Horde Internet Mail Program IMP before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via 1 unspecified flags or 2 a mailbox name in the dynamic mailbox view...
CVE-2014-4945
Multiple cross-site scripting XSS vulnerabilities in Horde Internet Mail Program IMP before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via an unspecified flag in the basic 1 mailbox or 2 message view...
CVE-2014-4946
The vulnerability CVE-2014-4946 affects Horde IMP (Internet Mail Program) before version 6.1.8, as deployed in Horde Groupware Webmail Edition before 5.1.5. The issue is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML via (1) unspecified flags...
CVE-2014-4946
Multiple cross-site scripting XSS vulnerabilities in Horde Internet Mail Program IMP before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via 1 unspecified flags or 2 a mailbox name in the dynamic mailbox view...
Horde 1.2.x/2.1.3 and Imp 2.2.x/3.1.2 File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3067/info A vulnerability has been discovered in Horde Imp which may allow an attacker to access arbitrary system files. The issue occurs due to insufficient sanity checks on user-supplied URI parameters. By specifying a...
Horde IMP Webmail <= 4.0.4 Client Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/22975/info Horde IMP Webmail Client is prone to multiple input-validation vulnerabilities, including cross-site scripting and an HTML-injection issue, because the application fails to properly sanitize user-supplied input...
Horde Framework and IMP 2.x/3.x Cleanup Cron Script Arbitrary File Deletion Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22985/info Horde Framework and IMP are prone to a vulnerability that allows a local attacker to delete arbitrary files in the context of the user running the application. A successful attack can reduce the integrity of...
Horde IMP 2.2.x/3.2.x/4.0.x Email Attachments HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15730/info Horde IMP is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...
openSUSE Security Update : horde3-imp (horde3-imp-5830)
This version upgrade of horde3-dimp to 4.3.11 fixes several issues including security related flaws, CVE-2012-0791 and adds new features. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE Security Update : horde4-imp (openSUSE-SU-2012:1626-1)
This version update to version 5.0.24 addresses CVE-2012-5565 bnc791179 to fix XSS vulnerabilities on the compose page traditional view, the contacts popup window, and with certain IMAP mailbox names. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...