If anyone has a few spare minutes to dive into this document, it would be great to test whether Horde/IMP is vulnerable too: http://www.coresecurity.com/?action=item&id=1687 Jan. -- Do you need professional PHP or Horde consulting? http://horde.org/consulting/