CVE-2007-1474
CVE-2007-1474
Argument injection vulnerability in the cleanup cron script in Horde Project Horde and IMP before Horde Application Framework 3.1.4 allows local users to delete arbitrary files and possibly gain privileges via multiple space-delimited pathnames.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/29746unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=489http://lists.horde.org/archives/announce/2007/000315.htmlhttp://secunia.com/advisories/27565https://exchange.xforce.ibmcloud.com/vulnerabilities/32997http://www.debian.org/security/2007/dsa-1406http://www.securityfocus.com/bid/22985http://www.securitytracker.com/id?1017784http://www.securitytracker.com/id?1017785http://www.vupen.com/english/advisories/2007/0965