CVE-2008-7219

Name of the Vulnerable Software and Affected Versions Horde Kronolith H3 versions 2.1 through 2.1.6 and versions 2.2 through 2.2-RC1 Nag H3 versions 2.1 through 2.1.3 and versions 2.2 through 2.2-RC1 Mnemo H3 versions 2.1 through 2.1.1 and versions 2.2 through 2.2-RC1 Groupware versions 1.0 through 1.0.2 and versions 1.1 through 1.1-RC1 Groupware Webmail Edition versions 1.0 through 1.0.3 and versions 1.1 through 1.1-RC1

Description The issue is related to the failure to validate ownership when performing share changes. The impact and attack vectors of this issue are unknown.

Recommendations For Horde Kronolith H3 versions 2.1 through 2.1.6, update to version 2.1.7 or later. For Horde Kronolith H3 versions 2.2 through 2.2-RC1, update to version 2.2-RC2 or later. For Nag H3 versions 2.1 through 2.1.3, update to version 2.1.4 or later. For Nag H3 versions 2.2 through 2.2-RC1, update to version 2.2-RC2 or later. For Mnemo H3 versions 2.1 through 2.1.1, update to version 2.1.2 or later. For Mnemo H3 versions 2.2 through 2.2-RC1, update to version 2.2-RC2 or later. For Groupware versions 1.0 through 1.0.2, update to version 1.0.3 or later. For Groupware versions 1.1 through 1.1-RC1, update to version 1.1-RC2 or later. For Groupware Webmail Edition versions 1.0 through 1.0.3, update to version 1.0.4 or later. For Groupware Webmail Edition versions 1.1 through 1.1-RC1, update to version 1.1-RC2 or later.