// For flags

CVE-2014-0079

 

Severity Score

5.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The ValidateUserLogon function in provider/libserver/ECSession.cpp in Zarafa 7.1.8, 6.20.0, and earlier, when using certain build conditions, allows remote attackers to cause a denial of service (crash) via vectors related to "a NULL pointer of the password."

La función ValidateUserLogon en provider/libserver/ECSession.cpp en Zarafa 7.1.8, 6.20.0 y anteriores, cuando utiliza ciertas condiciones build, permite a atacantes remotos causar una denegación de servicio (caída) a través de vectores relacionados con "un puntero nulo de la contraseña."

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-12-03 CVE Reserved
  • 2014-02-20 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Zarafa
Search vendor "Zarafa"
 Zarafa
Search vendor "Zarafa" for product "Zarafa"
 <= 6.20
Search vendor "Zarafa" for product "Zarafa" and version " <= 6.20"
-
Affected
Zarafa
Search vendor "Zarafa"
 Zarafa
Search vendor "Zarafa" for product "Zarafa"
 5.00
Search vendor "Zarafa" for product "Zarafa" and version "5.00"
-
Affected
Zarafa
Search vendor "Zarafa"
 Zarafa
Search vendor "Zarafa" for product "Zarafa"
 5.01
Search vendor "Zarafa" for product "Zarafa" and version "5.01"
-
Affected
Zarafa
Search vendor "Zarafa"
 Zarafa
Search vendor "Zarafa" for product "Zarafa"
 5.02
Search vendor "Zarafa" for product "Zarafa" and version "5.02"
-
Affected
Zarafa
Search vendor "Zarafa"
 Zarafa
Search vendor "Zarafa" for product "Zarafa"
 5.10
Search vendor "Zarafa" for product "Zarafa" and version "5.10"
-
Affected
Zarafa
Search vendor "Zarafa"
 Zarafa
Search vendor "Zarafa" for product "Zarafa"
 5.11
Search vendor "Zarafa" for product "Zarafa" and version "5.11"
-
Affected
Zarafa
Search vendor "Zarafa"
 Zarafa
Search vendor "Zarafa" for product "Zarafa"
 5.20
Search vendor "Zarafa" for product "Zarafa" and version "5.20"
-
Affected
Zarafa
Search vendor "Zarafa"
 Zarafa
Search vendor "Zarafa" for product "Zarafa"
 5.22
Search vendor "Zarafa" for product "Zarafa" and version "5.22"
-
Affected
Zarafa
Search vendor "Zarafa"
 Zarafa
Search vendor "Zarafa" for product "Zarafa"
 6.00
Search vendor "Zarafa" for product "Zarafa" and version "6.00"
-
Affected
Zarafa
Search vendor "Zarafa"
 Zarafa
Search vendor "Zarafa" for product "Zarafa"
 6.01
Search vendor "Zarafa" for product "Zarafa" and version "6.01"
-
Affected
Zarafa
Search vendor "Zarafa"
 Zarafa
Search vendor "Zarafa" for product "Zarafa"
 6.02
Search vendor "Zarafa" for product "Zarafa" and version "6.02"
-
Affected
Zarafa
Search vendor "Zarafa"
 Zarafa
Search vendor "Zarafa" for product "Zarafa"
 6.03
Search vendor "Zarafa" for product "Zarafa" and version "6.03"
-
Affected
Zarafa
Search vendor "Zarafa"
 Zarafa
Search vendor "Zarafa" for product "Zarafa"
 6.10
Search vendor "Zarafa" for product "Zarafa" and version "6.10"
-
Affected
Zarafa
Search vendor "Zarafa"
 Zarafa
Search vendor "Zarafa" for product "Zarafa"
 6.11
Search vendor "Zarafa" for product "Zarafa" and version "6.11"
-
Affected
Zarafa
Search vendor "Zarafa"
 Zarafa
Search vendor "Zarafa" for product "Zarafa"
 7.1.8
Search vendor "Zarafa" for product "Zarafa" and version "7.1.8"
-
Affected