7.5

CVE-2003-0025

Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
HordeImp Version2.2
HordeImp Version2.2.1
HordeImp Version2.2.2
HordeImp Version2.2.3
HordeImp Version2.2.4
HordeImp Version2.2.5
HordeImp Version2.2.6
HordeImp Version2.2.7
HordeImp Version2.2.8
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 27.97% 0.979
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://marc.info/?l=bugtraq&m=104204786206563&w=2
http://secunia.com/advisories/8087
http://secunia.com/advisories/8177
http://www.debian.org/security/2003/dsa-229
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/306268
http://www.securityfocus.com/bid/6559
http://www.securitytracker.com/id?1005904