Zarafa : Security Vulnerabilities, CVEs, Published In 2014 (Denial of service)

CVE-2014-0079

The ValidateUserLogon function in provider/libserver/ECSession.cpp in Zarafa 7.1.8, 6.20.0, and earlier, when using certain build conditions, allows remote attackers to cause a denial of service (crash) via vectors related to "a NULL pointer of the password."
Max CVSS
5.0
EPSS Score
0.34%
Published
2014-04-28
Updated
2014-04-29

CVE-2014-0037

The ValidateUserLogon function in provider/libserver/ECSession.cpp in Zarafa 5.00 before 7.1.8 beta2 allows remote attackers to cause a denial of service (crash) via vectors related to "a NULL pointer of the username."
Max CVSS
5.0
EPSS Score
0.96%
Published
2014-04-28
Updated
2014-04-29
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close