NotCVE - vendor:"Zarafa" product:"Zarafa Collaboration Platform" version:"7.1.4"

3 results (0.004 seconds)

CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0

CVE-2015-6566

https://notcve.org/view.php?id=CVE-2015-6566

11 Jan 2016 — zarafa-autorespond in Zarafa Collaboration Platform (ZCP) before 7.2.1 allows local users to gain privileges via a symlink attack on /tmp/zarafa-vacation-*. zarafa-autorespond en Zarafa Collaboration Platform (ZCP) en versiones anteriores a 7.2.1 permite a usuarios locales obtener privilegios a través de un ataque de enlace simbólico en /tmp/zarafa-vacation-*. • http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172605.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2015-3436

https://notcve.org/view.php?id=CVE-2015-3436

09 Jun 2015 — provider/server/ECServer.cpp in Zarafa Collaboration Platform (ZCP) before 7.1.13 and 7.2.x before 7.2.1 allows local users to write to arbitrary files via a symlink attack on /tmp/zarafa-upgrade-lock. provider/server/ECServer.cpp en Zarafa Collaboration Platform (ZCP) anterior a 7.1.13 y 7.2.x anterior a 7.2.1 permite a usuarios locales escribir en ficheros arbitrarios a través de un ataque de enlace simbólico sobre /tmp/zarafa-upgrade-lock. • http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159455.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.5EPSS: 2%CPEs: 29EXPL: 1

CVE-2014-9465 – Mandriva Linux Security Advisory 2015-040

https://notcve.org/view.php?id=CVE-2014-9465

10 Feb 2015 — senddocument.php in Zarafa WebApp before 2.0 beta 3 and WebAccess in Zarafa Collaboration Platform (ZCP) 7.x before 7.1.12 beta 1 and 7.2.x before 7.2.0 beta 1 allows remote attackers to cause a denial of service (/tmp disk consumption) by uploading a large number of files. senddocument.php en Zarafa WebApp anterior a 2.0 beta 3 y WebAccess en Zarafa Collaboration Platform (ZCP) 7.x anterior a 7.1.12 beta 1 y 7.2.x anterior a 7.2.0 beta 1 permite a atacantes remotos causar una denegación de servicio (consum... • http://advisories.mageia.org/MGASA-2015-0049.html • CWE-399: Resource Management Errors •