CVE-2010-3695: XSS
First published: Thu Oct 07 2010(Updated: )
Cross-site scripting (XSS) vulnerability in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde Groupware Webmail Edition before 1.2.7, allows remote attackers to inject arbitrary web script or HTML via the fm_id parameter in a fetchmail_prefs_save action, related to the Fetchmail configuration.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Horde | <=4.3.7 | |
| Horde | =2.0 | |
| Horde | =2.2 | |
| Horde | =2.2.1 | |
| Horde | =2.2.2 | |
| Horde | =2.2.3 | |
| Horde | =2.2.4 | |
| Horde | =2.2.5 | |
| Horde | =2.2.6 | |
| Horde | =2.2.7 | |
| Horde | =2.2.8 | |
| Horde | =2.3 | |
| Horde | =3.0 | |
| Horde | =3.1 | |
| Horde | =3.1.2 | |
| Horde | =3.2 | |
| Horde | =3.2.1 | |
| Horde | =3.2.2 | |
| Horde | =3.2.3 | |
| Horde | =3.2.4 | |
| Horde | =3.2.5 | |
| Horde | =3.2.6 | |
| Horde | =3.2.7 | |
| Horde | =3.2.7-rc1 | |
| Horde | =4.0 | |
| Horde | =4.0.1 | |
| Horde | =4.0.2 | |
| Horde | =4.0.3 | |
| Horde | =4.0.4 | |
| Horde | =4.1.3 | |
| Horde | =4.1.5 | |
| Horde | =4.1.6 | |
| Horde | =4.2 | |
| Horde | =4.2.1 | |
| Horde | =4.2.2 | |
| Horde | =4.3 | |
| Horde | =4.3.1 | |
| Horde | =4.3.2 | |
| Horde | =4.3.3 | |
| Horde | =4.3.4 | |
| Horde | =4.3.5 | |
| Horde | =4.3.6 | |
| Horde Groupware Webmail Edition | <=1.2.6 | |
| Horde Groupware Webmail Edition | =1.0 | |
| Horde Groupware Webmail Edition | =1.0-rc1 | |
| Horde Groupware Webmail Edition | =1.0-rc2 | |
| Horde Groupware Webmail Edition | =1.0.1 | |
| Horde Groupware Webmail Edition | =1.0.2 | |
| Horde Groupware Webmail Edition | =1.0.3 | |
| Horde Groupware Webmail Edition | =1.0.4 | |
| Horde Groupware Webmail Edition | =1.0.5 | |
| Horde Groupware Webmail Edition | =1.0.6 | |
| Horde Groupware Webmail Edition | =1.0.7 | |
| Horde Groupware Webmail Edition | =1.0.8 | |
| Horde Groupware Webmail Edition | =1.1 | |
| Horde Groupware Webmail Edition | =1.1-rc1 | |
| Horde Groupware Webmail Edition | =1.1-rc2 | |
| Horde Groupware Webmail Edition | =1.1-rc3 | |
| Horde Groupware Webmail Edition | =1.1-rc4 | |
| Horde Groupware Webmail Edition | =1.1.1 | |
| Horde Groupware Webmail Edition | =1.1.2 | |
| Horde Groupware Webmail Edition | =1.1.3 | |
| Horde Groupware Webmail Edition | =1.1.4 | |
| Horde Groupware Webmail Edition | =1.1.5 | |
| Horde Groupware Webmail Edition | =1.1.6 | |
| Horde Groupware Webmail Edition | =1.2 | |
| Horde Groupware Webmail Edition | =1.2-rc1 | |
| Horde Groupware Webmail Edition | =1.2.1 | |
| Horde Groupware Webmail Edition | =1.2.2 | |
| Horde Groupware Webmail Edition | =1.2.3 | |
| Horde Groupware Webmail Edition | =1.2.3-rc1 | |
| Horde Groupware Webmail Edition | =1.2.4 | |
| Horde Groupware Webmail Edition | =1.2.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.vupen.com/english/advisories/2010/2513
- http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0379.html
- http://openwall.com/lists/oss-security/2010/09/30/7
- http://git.horde.org/diff.php/imp/fetchmailprefs.php?rt=horde&r1=1.39.4.10&r2=1.39.4.11
- http://openwall.com/lists/oss-security/2010/10/01/6
- http://secunia.com/advisories/43896
- http://www.vupen.com/english/advisories/2011/0769
- http://www.debian.org/security/2011/dsa-2204
- http://cvs.horde.org/diff.php/imp/docs/CHANGES?rt=horde&r1=1.699.2.424&r2=1.699.2.430&ty=h
- http://lists.horde.org/archives/announce/2010/000558.html
- http://openwall.com/lists/oss-security/2010/09/30/8
- http://lists.horde.org/archives/announce/2010/000568.html
- http://git.horde.org/diff.php/groupware/docs/webmail/CHANGES?rt=horde&r1=1.35.2.11&r2=1.35.2.13&ty=h
- http://www.securityfocus.com/bid/43515
- https://bugzilla.redhat.com/show_bug.cgi?id=641069
- http://secunia.com/advisories/41627
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598584
- http://securityreason.com/securityalert/8170
- http://www.securityfocus.com/archive/1/513992/100/0/threaded
- https://access.redhat.com/security/cve/CVE-2010-3695
- http://lists.horde.org/archives/announce/2010/000557.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=641070
Frequently Asked Questions
What is the severity of CVE-2010-3695?
CVE-2010-3695 is classified as a moderate severity cross-site scripting (XSS) vulnerability.
How do I fix CVE-2010-3695?
To fix CVE-2010-3695, upgrade to Horde IMP version 4.3.8 or later, or Horde Groupware Webmail Edition version 1.2.7 or later.
Who is affected by CVE-2010-3695?
CVE-2010-3695 affects multiple versions of Horde IMP prior to 4.3.8 and Horde Groupware Webmail Edition prior to 1.2.7.
What types of attacks can exploit CVE-2010-3695?
CVE-2010-3695 can be exploited by attackers to inject arbitrary web scripts or HTML through the fm_id parameter.
When was CVE-2010-3695 disclosed?
CVE-2010-3695 was disclosed in September 2010.
- collector/redhat-bugzilla
- alias/CVE-2010-3695
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/severity
- agent/references
- agent/remedy
- agent/author
- agent/description
- agent/weakness
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/horde
- canonical/horde
- version/horde/4.3.7
- version/horde/2.0
- version/horde/2.2
- version/horde/2.2.1
- version/horde/2.2.2
- version/horde/2.2.3
- version/horde/2.2.4
- version/horde/2.2.5
- version/horde/2.2.6
- version/horde/2.2.7
- version/horde/2.2.8
- version/horde/2.3
- version/horde/3.0
- version/horde/3.1
- version/horde/3.1.2
- version/horde/3.2
- version/horde/3.2.1
- version/horde/3.2.2
- version/horde/3.2.3
- version/horde/3.2.4
- version/horde/3.2.5
- version/horde/3.2.6
- version/horde/3.2.7
- version/horde/3.2.7-rc1
- version/horde/4.0
- version/horde/4.0.1
- version/horde/4.0.2
- version/horde/4.0.3
- version/horde/4.0.4
- version/horde/4.1.3
- version/horde/4.1.5
- version/horde/4.1.6
- version/horde/4.2
- version/horde/4.2.1
- version/horde/4.2.2
- version/horde/4.3
- version/horde/4.3.1
- version/horde/4.3.2
- version/horde/4.3.3
- version/horde/4.3.4
- version/horde/4.3.5
- version/horde/4.3.6
- canonical/horde groupware webmail edition
- version/horde groupware webmail edition/1.2.6
- version/horde groupware webmail edition/1.0
- version/horde groupware webmail edition/1.0-rc1
- version/horde groupware webmail edition/1.0-rc2
- version/horde groupware webmail edition/1.0.1
- version/horde groupware webmail edition/1.0.2
- version/horde groupware webmail edition/1.0.3
- version/horde groupware webmail edition/1.0.4
- version/horde groupware webmail edition/1.0.5
- version/horde groupware webmail edition/1.0.6
- version/horde groupware webmail edition/1.0.7
- version/horde groupware webmail edition/1.0.8
- version/horde groupware webmail edition/1.1
- version/horde groupware webmail edition/1.1-rc1
- version/horde groupware webmail edition/1.1-rc2
- version/horde groupware webmail edition/1.1-rc3
- version/horde groupware webmail edition/1.1-rc4
- version/horde groupware webmail edition/1.1.1
- version/horde groupware webmail edition/1.1.2
- version/horde groupware webmail edition/1.1.3
- version/horde groupware webmail edition/1.1.4
- version/horde groupware webmail edition/1.1.5
- version/horde groupware webmail edition/1.1.6
- version/horde groupware webmail edition/1.2
- version/horde groupware webmail edition/1.2-rc1
- version/horde groupware webmail edition/1.2.1
- version/horde groupware webmail edition/1.2.2
- version/horde groupware webmail edition/1.2.3
- version/horde groupware webmail edition/1.2.3-rc1
- version/horde groupware webmail edition/1.2.4
- version/horde groupware webmail edition/1.2.5