VYPR

Imp

by Imp

CVEs (3)

  • CVE-2003-0025Jan 17, 2003
    risk 0.02cvss epss 0.24

    Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3.

  • CVE-2000-0459Apr 22, 2000
    risk 0.00cvss epss 0.01

    IMP does not remove files properly if the MSWordView application quits, which allows local users to cause a denial of service by filling up the disk space by requesting a large number of documents and prematurely stopping the request.

  • CVE-2000-0458Apr 22, 2000
    risk 0.00cvss epss 0.00

    The MSWordView application in IMP creates world-readable files in the /tmp directory, which allows other local users to read potentially sensitive information.