CVE-2008-7219
First published: Sun Sep 13 2009(Updated: )
Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and H3 2.2 before 2.2-RC2; Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 does not validate ownership when performing share changes, which has unknown impact and attack vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Horde Nag H3 | =2.1.3 | |
| Horde Groupware | =1.1 | |
| Horde Groupware Webmail Edition | =1.1 | |
| Horde Nag H3 | =2.1.2 | |
| Horde Groupware | =1.0 | |
| Horde Nag H3 | =2.1.1 | |
| Horde Nag H3 | =2.2 | |
| Horde Kronolith H3 | =2.1.5 | |
| Horde Groupware | =1.0.2 | |
| Horde Groupware Webmail Edition | =1.0.3 | |
| Horde Mnemo H3 | =2.1.1 | |
| Horde Mnemo H3 | =2.1 | |
| Horde Kronolith H3 | =2.1.2 | |
| Horde Kronolith H3 | =2.1.4 | |
| Horde Groupware | =1.0.1 | |
| Horde Groupware Webmail Edition | =1.0 | |
| Horde Nag H3 | =2.1 | |
| Horde Groupware Webmail Edition | =1.0.2 | |
| Horde Kronolith H3 | =2.1.3 | |
| Horde Mnemo H3 | =2.2 | |
| Horde Kronolith H3 | =2.1.1 | |
| Horde Kronolith H3 | =2.1 | |
| Horde Kronolith H3 | =2.1.6 | |
| Horde Kronolith H3 | =2.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.horde.org/archives/announce/2008/000369.html
- http://lists.horde.org/archives/announce/2008/000364.html
- https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html
- http://lists.horde.org/archives/announce/2008/000368.html
- http://lists.horde.org/archives/announce/2008/000371.html
- http://lists.horde.org/archives/announce/2008/000366.html
- http://secunia.com/advisories/28382
- http://www.securityfocus.com/bid/27217
- http://lists.horde.org/archives/announce/2008/000376.html
- http://lists.horde.org/archives/announce/2008/000365.html
- http://lists.horde.org/archives/announce/2008/000363.html
- http://lists.horde.org/archives/announce/2008/000362.html
- http://lists.horde.org/archives/announce/2008/000377.html
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/references
- agent/remedy
- agent/tags
- agent/description
- agent/event
- agent/source
- vendor/horde
- canonical/horde nag h3
- version/horde nag h3/2.1.3
- canonical/horde groupware
- version/horde groupware/1.1
- canonical/horde groupware webmail edition
- version/horde groupware webmail edition/1.1
- version/horde nag h3/2.1.2
- version/horde groupware/1.0
- version/horde nag h3/2.1.1
- version/horde nag h3/2.2
- canonical/horde kronolith h3
- version/horde kronolith h3/2.1.5
- version/horde groupware/1.0.2
- version/horde groupware webmail edition/1.0.3
- canonical/horde mnemo h3
- version/horde mnemo h3/2.1.1
- version/horde mnemo h3/2.1
- version/horde kronolith h3/2.1.2
- version/horde kronolith h3/2.1.4
- version/horde groupware/1.0.1
- version/horde groupware webmail edition/1.0
- version/horde nag h3/2.1
- version/horde groupware webmail edition/1.0.2
- version/horde kronolith h3/2.1.3
- version/horde mnemo h3/2.2
- version/horde kronolith h3/2.1.1
- version/horde kronolith h3/2.1
- version/horde kronolith h3/2.1.6
- version/horde kronolith h3/2.2