High severity8.8NVD Advisory· Published Apr 4, 2017· Updated May 13, 2026
CVE-2017-7413
CVE-2017-7413
Description
In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition through 5.2.17, OS Command Injection can occur if the attacker is an authenticated Horde Webmail user, has PGP features enabled in their preferences, and attempts to encrypt an email addressed to a maliciously crafted email address.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- lists.horde.org/archives/horde/Week-of-Mon-20170403/056767.htmlnvdMailing ListVendor Advisory
- lists.debian.org/debian-lts-announce/2018/06/msg00006.htmlnvd
News mentions
0No linked articles in our index yet.