Secunia Research has discovered a vulnerability in IMP Webmail Client and Horde Groupware Webmail Edition, which can be exploited by malicious people to bypass certain security restrictions and manipulate data. The HTML filter does not filter out <frame> and <frameset> HTML elements. Additionally, the application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the request. This can be exploited to (a) delete an arbitrary number of e-mail messages by referencing their numeric IDs and (b) purge deleted mails, when the victim opens a malicious HTML mail. Successful exploitation requires that the victim opens the HTML part of a malicious message. Solution: Update to Horde 3.1.6 or Horde Groupware Webmail Edition 1.0.4.
maintainers - please advise
*** Bug 203098 has been marked as a duplicate of this bug. ***
all horde packages should be bumped now
Thanks Mike. horde-webmail is ok because of ~arch. Arches, please test and mark stable www-apps/horde-imp-4.1.6. Target "alpha amd64 hppa ppc sparc x86"
x86 stable
Stable for HPPA.
alpha/sparc stable
ppc stable
amd64 stable
GLSA 200802-03