1. Home
  2. CVE Database
  3. CVE-2003-0025
HIGH · 7.5

CVE-2003-0025

Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as c...

Vulnerability Description

Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
HordeImp2.2

References

FAQ

What is CVE-2003-0025?

CVE-2003-0025 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as c...

How severe is CVE-2003-0025?

CVE-2003-0025 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2003-0025?

Check the references section above for vendor advisories and patch information. Affected products include: Horde Imp.