Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2008-7218

Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 and 2.2 before 2.2-RC2; Kronolith H3 2.1 before 2.1.7 and H3 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and 2.2 before 2.2-RC2; Horde Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 has unknown impact and attack vectors.

Published

2009-09-13T22:30:00.360

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 10.0 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

10.0

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	horde	groupware	1.0	Yes
Application	horde	groupware	1.0.1	Yes
Application	horde	groupware	1.0.2	Yes
Application	horde	groupware	1.1	Yes
Application	horde	groupware_webmail_edition	1.0	Yes
Application	horde	groupware_webmail_edition	1.0.2	Yes
Application	horde	groupware_webmail_edition	1.0.3	Yes
Application	horde	groupware_webmail_edition	1.1	Yes
Application	horde	horde	3.1	Yes
Application	horde	horde	3.1.1	Yes
Application	horde	horde	3.1.2	Yes
Application	horde	horde	3.1.3	Yes
Application	horde	horde	3.1.4	Yes
Application	horde	horde	3.1.5	Yes
Application	horde	horde	3.2	Yes
Application	horde	kronolith_h3	2.1	Yes
Application	horde	kronolith_h3	2.1.1	Yes
Application	horde	kronolith_h3	2.1.2	Yes
Application	horde	kronolith_h3	2.1.3	Yes
Application	horde	kronolith_h3	2.1.4	Yes
Application	horde	kronolith_h3	2.1.5	Yes
Application	horde	kronolith_h3	2.1.6	Yes
Application	horde	kronolith_h3	2.2	Yes
Application	horde	mnemo_h3	2.1	Yes
Application	horde	mnemo_h3	2.1.1	Yes
Application	horde	mnemo_h3	2.2	Yes
Application	horde	nag_h3	2.1	Yes
Application	horde	nag_h3	2.1.1	Yes
Application	horde	nag_h3	2.1.2	Yes
Application	horde	nag_h3	2.1.3	Yes
Application	horde	nag_h3	2.2	Yes
Application	horde	turba_h3	2.1	Yes
Application	horde	turba_h3	2.1.1	Yes
Application	horde	turba_h3	2.1.2	Yes
Application	horde	turba_h3	2.1.3	Yes
Application	horde	turba_h3	2.1.4	Yes
Application	horde	turba_h3	2.1.5	Yes
Application	horde	turba_h3	2.2	Yes
Application	horde	turba_h3	2.2	Yes

References

http://lists.horde.org/archives/announce/2008/000360.html Patch ([email protected])
http://lists.horde.org/archives/announce/2008/000361.html ([email protected])
http://lists.horde.org/archives/announce/2008/000362.html Patch ([email protected])
http://lists.horde.org/archives/announce/2008/000363.html Patch ([email protected])
http://lists.horde.org/archives/announce/2008/000364.html Patch ([email protected])
http://lists.horde.org/archives/announce/2008/000365.html Patch ([email protected])
http://lists.horde.org/archives/announce/2008/000366.html Patch ([email protected])
http://lists.horde.org/archives/announce/2008/000367.html Patch ([email protected])
http://lists.horde.org/archives/announce/2008/000368.html Patch ([email protected])
http://lists.horde.org/archives/announce/2008/000369.html Patch ([email protected])
http://lists.horde.org/archives/announce/2008/000371.html Patch ([email protected])
http://lists.horde.org/archives/announce/2008/000374.html Patch ([email protected])
http://lists.horde.org/archives/announce/2008/000376.html Patch ([email protected])
http://lists.horde.org/archives/announce/2008/000377.html Patch ([email protected])
http://secunia.com/advisories/28382 Vendor Advisory ([email protected])
http://www.osvdb.org/42775 ([email protected])
http://www.securityfocus.com/bid/27217 ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/39599 ([email protected])
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html ([email protected])
http://lists.horde.org/archives/announce/2008/000360.html Patch (af854a3a-2127-422b-91ae-364da2661108)
http://lists.horde.org/archives/announce/2008/000361.html (af854a3a-2127-422b-91ae-364da2661108)
http://lists.horde.org/archives/announce/2008/000362.html Patch (af854a3a-2127-422b-91ae-364da2661108)
http://lists.horde.org/archives/announce/2008/000363.html Patch (af854a3a-2127-422b-91ae-364da2661108)
http://lists.horde.org/archives/announce/2008/000364.html Patch (af854a3a-2127-422b-91ae-364da2661108)
http://lists.horde.org/archives/announce/2008/000365.html Patch (af854a3a-2127-422b-91ae-364da2661108)
http://lists.horde.org/archives/announce/2008/000366.html Patch (af854a3a-2127-422b-91ae-364da2661108)
http://lists.horde.org/archives/announce/2008/000367.html Patch (af854a3a-2127-422b-91ae-364da2661108)
http://lists.horde.org/archives/announce/2008/000368.html Patch (af854a3a-2127-422b-91ae-364da2661108)
http://lists.horde.org/archives/announce/2008/000369.html Patch (af854a3a-2127-422b-91ae-364da2661108)
http://lists.horde.org/archives/announce/2008/000371.html Patch (af854a3a-2127-422b-91ae-364da2661108)
http://lists.horde.org/archives/announce/2008/000374.html Patch (af854a3a-2127-422b-91ae-364da2661108)
http://lists.horde.org/archives/announce/2008/000376.html Patch (af854a3a-2127-422b-91ae-364da2661108)
http://lists.horde.org/archives/announce/2008/000377.html Patch (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/28382 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/42775 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/27217 (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39599 (af854a3a-2127-422b-91ae-364da2661108)
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html (af854a3a-2127-422b-91ae-364da2661108)