Zarafa : Security Vulnerabilities, CVEs, Published In 2014 (Denial of service)
The ValidateUserLogon function in provider/libserver/ECSession.cpp in Zarafa 7.1.8, 6.20.0, and earlier, when using certain build conditions, allows remote attackers to cause a denial of service (crash) via vectors related to "a NULL pointer of the password."
Max CVSS
5.0
EPSS Score
0.34%
Published
2014-04-28
Updated
2014-04-29
The ValidateUserLogon function in provider/libserver/ECSession.cpp in Zarafa 5.00 before 7.1.8 beta2 allows remote attackers to cause a denial of service (crash) via vectors related to "a NULL pointer of the username."
Max CVSS
5.0
EPSS Score
0.96%
Published
2014-04-28
Updated
2014-04-29
2 vulnerabilities found