High severity8.8NVD Advisory· Published Apr 4, 2017· Updated Jun 17, 2026
CVE-2017-7413
CVE-2017-7413
Description
In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition through 5.2.17, OS Command Injection can occur if the attacker is an authenticated Horde Webmail user, has PGP features enabled in their preferences, and attempts to encrypt an email addressed to a maliciously crafted email address.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
2- lists.horde.org/archives/horde/Week-of-Mon-20170403/056767.htmlnvdMailing ListVendor Advisory
- lists.debian.org/debian-lts-announce/2018/06/msg00006.htmlnvd
News mentions
0No linked articles in our index yet.