CVE-2012-6640
Summary
| CVE | CVE-2012-6640 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-04-05 21:55:00 UTC |
| Updated | 2014-04-07 15:23:00 UTC |
| Description | Cross-site scripting (XSS) vulnerability in Horde Internet Mail Program (IMP) before 5.0.22, as used in Horde Groupware Webmail Edition before 4.0.9, allows remote attackers to inject arbitrary web script or HTML via a crafted SVG image attachment, a different vulnerability than CVE-2012-5565. |
Risk And Classification
Problem Types: CWE-79
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Horde | Groupware | 4.0 | All | webamail | All |
| Application | Horde | Groupware | 4.0 | rc1 | webamail | All |
| Application | Horde | Groupware | 4.0 | rc2 | webamail | All |
| Application | Horde | Groupware | 4.0.1 | All | webamail | All |
| Application | Horde | Groupware | 4.0.2 | All | webamail | All |
| Application | Horde | Groupware | 4.0.3 | All | webamail | All |
| Application | Horde | Groupware | 4.0.4 | All | webamail | All |
| Application | Horde | Groupware | 4.0.5 | All | webamail | All |
| Application | Horde | Groupware | 4.0.6 | All | webamail | All |
| Application | Horde | Groupware | 4.0.7 | All | webamail | All |
| Application | Horde | Groupware | 4.0 | All | webamail | All |
| Application | Horde | Groupware | 4.0 | rc1 | webamail | All |
| Application | Horde | Groupware | 4.0 | rc2 | webamail | All |
| Application | Horde | Groupware | 4.0.1 | All | webamail | All |
| Application | Horde | Groupware | 4.0.2 | All | webamail | All |
| Application | Horde | Groupware | 4.0.3 | All | webamail | All |
| Application | Horde | Groupware | 4.0.4 | All | webamail | All |
| Application | Horde | Groupware | 4.0.5 | All | webamail | All |
| Application | Horde | Groupware | 4.0.6 | All | webamail | All |
| Application | Horde | Groupware | 4.0.7 | All | webamail | All |
| Application | Horde | Groupware | All | All | webamail | All |
| Application | Horde | Imp | 5.0 | All | All | All |
| Application | Horde | Imp | 5.0 | alpha1 | All | All |
| Application | Horde | Imp | 5.0 | beta1 | All | All |
| Application | Horde | Imp | 5.0 | rc1 | All | All |
| Application | Horde | Imp | 5.0 | rc2 | All | All |
| Application | Horde | Imp | 5.0.1 | All | All | All |
| Application | Horde | Imp | 5.0.10 | All | All | All |
| Application | Horde | Imp | 5.0.11 | All | All | All |
| Application | Horde | Imp | 5.0.12 | All | All | All |
| Application | Horde | Imp | 5.0.13 | All | All | All |
| Application | Horde | Imp | 5.0.14 | All | All | All |
| Application | Horde | Imp | 5.0.15 | All | All | All |
| Application | Horde | Imp | 5.0.16 | All | All | All |
| Application | Horde | Imp | 5.0.17 | All | All | All |
| Application | Horde | Imp | 5.0.18 | All | All | All |
| Application | Horde | Imp | 5.0.19 | All | All | All |
| Application | Horde | Imp | 5.0.2 | All | All | All |
| Application | Horde | Imp | 5.0.20 | All | All | All |
| Application | Horde | Imp | 5.0.3 | All | All | All |
| Application | Horde | Imp | 5.0.4 | All | All | All |
| Application | Horde | Imp | 5.0.5 | All | All | All |
| Application | Horde | Imp | 5.0.6 | All | All | All |
| Application | Horde | Imp | 5.0.7 | All | All | All |
| Application | Horde | Imp | 5.0.8 | All | All | All |
| Application | Horde | Imp | 5.0.9 | All | All | All |
| Application | Horde | Imp | 5.0 | All | All | All |
| Application | Horde | Imp | 5.0 | alpha1 | All | All |
| Application | Horde | Imp | 5.0 | beta1 | All | All |
| Application | Horde | Imp | 5.0 | rc1 | All | All |
| Application | Horde | Imp | 5.0 | rc2 | All | All |
| Application | Horde | Imp | 5.0.1 | All | All | All |
| Application | Horde | Imp | 5.0.10 | All | All | All |
| Application | Horde | Imp | 5.0.11 | All | All | All |
| Application | Horde | Imp | 5.0.12 | All | All | All |
| Application | Horde | Imp | 5.0.13 | All | All | All |
| Application | Horde | Imp | 5.0.14 | All | All | All |
| Application | Horde | Imp | 5.0.15 | All | All | All |
| Application | Horde | Imp | 5.0.16 | All | All | All |
| Application | Horde | Imp | 5.0.17 | All | All | All |
| Application | Horde | Imp | 5.0.18 | All | All | All |
| Application | Horde | Imp | 5.0.19 | All | All | All |
| Application | Horde | Imp | 5.0.2 | All | All | All |
| Application | Horde | Imp | 5.0.20 | All | All | All |
| Application | Horde | Imp | 5.0.3 | All | All | All |
| Application | Horde | Imp | 5.0.4 | All | All | All |
| Application | Horde | Imp | 5.0.5 | All | All | All |
| Application | Horde | Imp | 5.0.6 | All | All | All |
| Application | Horde | Imp | 5.0.7 | All | All | All |
| Application | Horde | Imp | 5.0.8 | All | All | All |
| Application | Horde | Imp | 5.0.9 | All | All | All |
| Application | Horde | Imp | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| [announce] IMP H4 (5.0.22) (final) | MLIST | lists.horde.org | |
| Prepare release. · horde/horde@08c699f · GitHub | CONFIRM | github.com | Vendor Advisory |
| [announce] Horde Groupware Webmail Edition 4.0.9 (final) | MLIST | lists.horde.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.