Lucene search
MitreCVE-2012-6640HistoryApr 05, 2014 - 9:55 p.m.
CVE-2012-6640
2014-04-0521:55:06
CWE-79
mitre
web.nvd.nist.gov
25
cve-2012-6640
xss
vulnerability
horde internet mail program
imp
web script
html
svg image
nvd
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.003
Percentile
65.5%
Cross-site scripting (XSS) vulnerability in Horde Internet Mail Program (IMP) before 5.0.22, as used in Horde Groupware Webmail Edition before 4.0.9, allows remote attackers to inject arbitrary web script or HTML via a crafted SVG image attachment, a different vulnerability than CVE-2012-5565.
Affected configurations
Node
hordegroupwareRange≤4.0.8webamail
ORhordegroupwareMatch4.0webamail
ORhordegroupwareMatch4.0rc1webamail
ORhordegroupwareMatch4.0rc2webamail
ORhordegroupwareMatch4.0.1webamail
ORhordegroupwareMatch4.0.2webamail
ORhordegroupwareMatch4.0.3webamail
ORhordegroupwareMatch4.0.4webamail
ORhordegroupwareMatch4.0.5webamail
ORhordegroupwareMatch4.0.6webamail
ORhordegroupwareMatch4.0.7webamail
Node
hordeimpRange≤5.0.21
ORhordeimpMatch5.0
ORhordeimpMatch5.0alpha1
ORhordeimpMatch5.0beta1
ORhordeimpMatch5.0rc1
ORhordeimpMatch5.0rc2
ORhordeimpMatch5.0.1
ORhordeimpMatch5.0.2
ORhordeimpMatch5.0.3
ORhordeimpMatch5.0.4
ORhordeimpMatch5.0.5
ORhordeimpMatch5.0.6
ORhordeimpMatch5.0.7
ORhordeimpMatch5.0.8
ORhordeimpMatch5.0.9
ORhordeimpMatch5.0.10
ORhordeimpMatch5.0.11
ORhordeimpMatch5.0.12
ORhordeimpMatch5.0.13
ORhordeimpMatch5.0.14
ORhordeimpMatch5.0.15
ORhordeimpMatch5.0.16
ORhordeimpMatch5.0.17
ORhordeimpMatch5.0.18
ORhordeimpMatch5.0.19
ORhordeimpMatch5.0.20
| Vendor | Product | Version | CPE |
|---|---|---|---|
| horde | groupware | * | cpe:2.3:a:horde:groupware:*:*:webamail:*:*:*:*:* |
| horde | groupware | 4.0 | cpe:2.3:a:horde:groupware:4.0:*:webamail:*:*:*:*:* |
| horde | groupware | 4.0 | cpe:2.3:a:horde:groupware:4.0:rc1:webamail:*:*:*:*:* |
| horde | groupware | 4.0 | cpe:2.3:a:horde:groupware:4.0:rc2:webamail:*:*:*:*:* |
| horde | groupware | 4.0.1 | cpe:2.3:a:horde:groupware:4.0.1:*:webamail:*:*:*:*:* |
| horde | groupware | 4.0.2 | cpe:2.3:a:horde:groupware:4.0.2:*:webamail:*:*:*:*:* |
| horde | groupware | 4.0.3 | cpe:2.3:a:horde:groupware:4.0.3:*:webamail:*:*:*:*:* |
| horde | groupware | 4.0.4 | cpe:2.3:a:horde:groupware:4.0.4:*:webamail:*:*:*:*:* |
| horde | groupware | 4.0.5 | cpe:2.3:a:horde:groupware:4.0.5:*:webamail:*:*:*:*:* |
| horde | groupware | 4.0.6 | cpe:2.3:a:horde:groupware:4.0.6:*:webamail:*:*:*:*:* |
Related
prion
prion
Cross site scripting
2014-04-05 21:55:00
Cross site scripting
2014-04-05 21:55:00
nvd
nvd
CVE-2012-6640
2014-04-05 21:55:06
CVE-2012-5565
2014-04-05 21:55:06
debiancve
debiancve
CVE-2012-6640
2014-04-05 21:55:06
CVE-2012-5565
2014-04-05 21:55:06
ubuntucve
ubuntucve
CVE-2012-6640
2014-04-05 00:00:00
cvelist
cvelist
CVE-2012-6640
2014-04-05 21:00:00
CVE-2012-5565
2014-04-05 21:00:00
nessus
nessus
Horde IMP js/compose-dimp.js XSS
2013-01-21 00:00:00
openSUSE Security Update : horde4-imp (openSUSE-SU-2012:1626-1)
2014-06-13 00:00:00
cve
cve
CVE-2012-5565
2014-04-05 21:55:06
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.003
Percentile
65.5%
Related for CVE-2012-6640