1. Home
  2. CVE Database
  3. CVE-2007-1474
MEDIUM · 6.8

CVE-2007-1474

Argument injection vulnerability in the cleanup cron script in Horde Project Horde and IMP before Horde Application Framework 3.1.4 allows local users to delete arbitrary files and possibly gain privi...

Vulnerability Description

Argument injection vulnerability in the cleanup cron script in Horde Project Horde and IMP before Horde Application Framework 3.1.4 allows local users to delete arbitrary files and possibly gain privileges via multiple space-delimited pathnames.

CVSS Score

6.8

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
HordeHorde Application Framework3.0.0
HordeImp2.0

References

FAQ

What is CVE-2007-1474?

CVE-2007-1474 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Argument injection vulnerability in the cleanup cron script in Horde Project Horde and IMP before Horde Application Framework 3.1.4 allows local users to delete arbitrary files and possibly gain privi...

How severe is CVE-2007-1474?

CVE-2007-1474 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-1474?

Check the references section above for vendor advisories and patch information. Affected products include: Horde Horde Application Framework, Horde Imp.