KLA10185 Multiple vulnerabilities in Groove

Detect date:

05/20/2005

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Groove products. Malicious users can exploit these vulnerabilities to obtain sensitive information, inject web scripts, bypass security restrictions and spoof filenames. Below is a complete list of vulnerabilities

Affected products:

Groove Virtual Office versions 3.1 build 2337 and earlier
Groove Virtual Office version 3.1a builds 2363 and earlier
Groove Workspace versions 2.5n build 1870 and earlier

Solution:

Update to latest version

Impacts:

OSI

Related products:

Groove Virtual Office

CVE-IDS:

CVE-2005-16782.6Warning
CVE-2005-16777.5Critical
CVE-2005-16766.8High
CVE-2005-16754.6Warning