Summary
Detail | |||
---|---|---|---|
Vendor | Zarafa | First view | 2015-02-19 |
Product | Zarafa Collaboration Platform | Last view | 2018-03-19 |
Version | Type | Application | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
5.5 | 2018-03-19 | CVE-2014-5450 | Zarafa Collaboration Platform 4.1 uses world-readable permissions for /etc/zarafa/license, which allows local users to obtain sensitive information by reading license files. |
8.4 | 2016-01-11 | CVE-2015-6566 | zarafa-autorespond in Zarafa Collaboration Platform (ZCP) before 7.2.1 allows local users to gain privileges via a symlink attack on /tmp/zarafa-vacation-*. |
6.6 | 2015-06-09 | CVE-2015-3436 | provider/server/ECServer.cpp in Zarafa Collaboration Platform (ZCP) before 7.1.13 and 7.2.x before 7.2.1 allows local users to write to arbitrary files via a symlink attack on /tmp/zarafa-upgrade-lock. |
5 | 2015-02-19 | CVE-2014-9465 | senddocument.php in Zarafa WebApp before 2.0 beta 3 and WebAccess in Zarafa Collaboration Platform (ZCP) 7.x before 7.1.12 beta 1 and 7.2.x before 7.2.0 beta 1 allows remote attackers to cause a denial of service (/tmp disk consumption) by uploading a large number of files. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
50% (2) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
25% (1) | CWE-399 | Resource Management Errors |
25% (1) | CWE-200 | Information Exposure |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2016-03-04 | Name: The remote Fedora host is missing a security update. File: fedora_2015-a275fd68f2.nasl - Type: ACT_GATHER_INFO |
2015-06-09 | Name: The remote Fedora host is missing a security update. File: fedora_2015-8479.nasl - Type: ACT_GATHER_INFO |
2015-06-09 | Name: The remote Fedora host is missing a security update. File: fedora_2015-8487.nasl - Type: ACT_GATHER_INFO |
2015-04-28 | Name: The remote Fedora host is missing a security update. File: fedora_2015-5823.nasl - Type: ACT_GATHER_INFO |
2015-04-28 | Name: The remote Fedora host is missing a security update. File: fedora_2015-5864.nasl - Type: ACT_GATHER_INFO |
2015-02-11 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2015-040.nasl - Type: ACT_GATHER_INFO |
2014-09-25 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2014-182.nasl - Type: ACT_GATHER_INFO |
2014-09-03 | Name: The remote Fedora host is missing a security update. File: fedora_2014-9768.nasl - Type: ACT_GATHER_INFO |
2014-08-30 | Name: The remote Fedora host is missing a security update. File: fedora_2014-9754.nasl - Type: ACT_GATHER_INFO |