This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Zarafa First view 2015-02-19
Product Zarafa Collaboration Platform Last view 2018-03-19
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.1.9:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.1.6:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.1.7:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.1.4:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.1.5:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.1.8:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.0.1:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.1.2:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.0.4:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.0.3:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.1.0:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.1.3:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.0.2:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.0.12:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.0.10:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.0.0:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.1.1:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.0.13:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.0.11:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.1.10:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.0.9:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.0.6:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.0.7:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.0.5:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.1.11:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.0.8:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:4.1:*:*:*:*:*:*:* 3
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.2.0:*:*:*:*:*:*:* 2
cpe:2.3:a:zarafa:zarafa_collaboration_platform:7.1.12:*:*:*:*:*:*:* 2

Related : CVE

  Date Alert Description
5.5 2018-03-19 CVE-2014-5450

Zarafa Collaboration Platform 4.1 uses world-readable permissions for /etc/zarafa/license, which allows local users to obtain sensitive information by reading license files.

8.4 2016-01-11 CVE-2015-6566

zarafa-autorespond in Zarafa Collaboration Platform (ZCP) before 7.2.1 allows local users to gain privileges via a symlink attack on /tmp/zarafa-vacation-*.

6.6 2015-06-09 CVE-2015-3436

provider/server/ECServer.cpp in Zarafa Collaboration Platform (ZCP) before 7.1.13 and 7.2.x before 7.2.1 allows local users to write to arbitrary files via a symlink attack on /tmp/zarafa-upgrade-lock.

5 2015-02-19 CVE-2014-9465

senddocument.php in Zarafa WebApp before 2.0 beta 3 and WebAccess in Zarafa Collaboration Platform (ZCP) 7.x before 7.1.12 beta 1 and 7.2.x before 7.2.0 beta 1 allows remote attackers to cause a denial of service (/tmp disk consumption) by uploading a large number of files.

CWE : Common Weakness Enumeration

%idName
50% (2) CWE-59 Improper Link Resolution Before File Access ('Link Following')
25% (1) CWE-399 Resource Management Errors
25% (1) CWE-200 Information Exposure

Nessus® Vulnerability Scanner

id Description
2016-03-04 Name: The remote Fedora host is missing a security update.
File: fedora_2015-a275fd68f2.nasl - Type: ACT_GATHER_INFO
2015-06-09 Name: The remote Fedora host is missing a security update.
File: fedora_2015-8479.nasl - Type: ACT_GATHER_INFO
2015-06-09 Name: The remote Fedora host is missing a security update.
File: fedora_2015-8487.nasl - Type: ACT_GATHER_INFO
2015-04-28 Name: The remote Fedora host is missing a security update.
File: fedora_2015-5823.nasl - Type: ACT_GATHER_INFO
2015-04-28 Name: The remote Fedora host is missing a security update.
File: fedora_2015-5864.nasl - Type: ACT_GATHER_INFO
2015-02-11 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2015-040.nasl - Type: ACT_GATHER_INFO
2014-09-25 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2014-182.nasl - Type: ACT_GATHER_INFO
2014-09-03 Name: The remote Fedora host is missing a security update.
File: fedora_2014-9768.nasl - Type: ACT_GATHER_INFO
2014-08-30 Name: The remote Fedora host is missing a security update.
File: fedora_2014-9754.nasl - Type: ACT_GATHER_INFO