CVE-2007-6018

N/A Unknown

Published: January 11, 2008 Modified: April 23, 2026

Description

IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and Horde Groupware Webmail Edition 1.0.3 does not validate unspecified HTTP requests, which allows remote attackers to (1) delete arbitrary e-mail messages via a modified numeric ID or (2) "purge" deleted emails via a crafted email message.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://cvs.horde.org/diff.php/groupware/docs/groupware/CHANGES?r1=1.17&r2=1.17.2.1&ty=h

Source: PSIRT-CNA@flexerasoftware.com

http://cvs.horde.org/diff.php/groupware/docs/webmail/CHANGES?r1=1.12&r2=1.12.2.1&ty=h

Source: PSIRT-CNA@flexerasoftware.com

http://lists.horde.org/archives/announce/2008/000360.html

Source: PSIRT-CNA@flexerasoftware.com

http://lists.horde.org/archives/announce/2008/000365.html

Source: PSIRT-CNA@flexerasoftware.com

http://lists.horde.org/archives/announce/2008/000366.html

Source: PSIRT-CNA@flexerasoftware.com

http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html

Source: PSIRT-CNA@flexerasoftware.com

http://secunia.com/advisories/28020

Source: PSIRT-CNA@flexerasoftware.com

Vendor Advisory

http://secunia.com/advisories/28546

Source: PSIRT-CNA@flexerasoftware.com

http://secunia.com/advisories/29184

Source: PSIRT-CNA@flexerasoftware.com

http://secunia.com/advisories/29185

Source: PSIRT-CNA@flexerasoftware.com

http://secunia.com/advisories/29186

Source: PSIRT-CNA@flexerasoftware.com

http://secunia.com/advisories/34418

Source: PSIRT-CNA@flexerasoftware.com

http://secunia.com/secunia_research/2007-102/advisory/

Source: PSIRT-CNA@flexerasoftware.com

Vendor Advisory

http://www.debian.org/security/2008/dsa-1470

Source: PSIRT-CNA@flexerasoftware.com

http://www.securityfocus.com/bid/27223

Source: PSIRT-CNA@flexerasoftware.com

Patch

https://bugzilla.redhat.com/show_bug.cgi?id=428625

Source: PSIRT-CNA@flexerasoftware.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/39595

Source: PSIRT-CNA@flexerasoftware.com

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00888.html

Source: PSIRT-CNA@flexerasoftware.com

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00927.html

Source: PSIRT-CNA@flexerasoftware.com

http://cvs.horde.org/diff.php/groupware/docs/groupware/CHANGES?r1=1.17&r2=1.17.2.1&ty=h

Source: af854a3a-2127-422b-91ae-364da2661108

http://cvs.horde.org/diff.php/groupware/docs/webmail/CHANGES?r1=1.12&r2=1.12.2.1&ty=h

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.horde.org/archives/announce/2008/000360.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.horde.org/archives/announce/2008/000365.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.horde.org/archives/announce/2008/000366.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/28020

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/28546

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/29184

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/29185

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/29186

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/34418

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/secunia_research/2007-102/advisory/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.debian.org/security/2008/dsa-1470

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/27223

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://bugzilla.redhat.com/show_bug.cgi?id=428625

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/39595

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00888.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00927.html

Source: af854a3a-2127-422b-91ae-364da2661108

38 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

1.8%

75th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-264

Affected Vendors

horde

Related CVEs

CVE-2026-12415 9.8

CVE-2026-13422 4.3

CVE-2026-13335 6.4

CVE-2026-13333 6.5

CVE-2026-13331 6.5