{ "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2010-1638", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The IMP plugin in Horde allows remote attackers to bypass firewall restrictions and use Horde as a proxy to scan internal networks via a crafted request to an unspecified test script. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "[oss-security] 20100524 Re: [core] CVE Request for Horde and Squirrelmail", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2010/05/25/2" }, { "name": "[oss-security] 20100521 Re: [core] CVE Request for Horde and Squirrelmail", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2010/05/21/2" }, { "name": "http://conference.hitb.org/hitbsecconf2010dxb/materials/D1%20-%20Laurent%20Oudot%20-%20Improving%20the%20Stealthiness%20of%20Web%20Hacking.pdf#page=74", "refsource": "MISC", "url": "http://conference.hitb.org/hitbsecconf2010dxb/materials/D1%20-%20Laurent%20Oudot%20-%20Improving%20the%20Stealthiness%20of%20Web%20Hacking.pdf#page=74" } ] } }