Lucene search
HistoryApr 28, 2014 - 2:09 p.m.
CVE-2014-0037
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.3 Medium
AI Score
Confidence
High
0.01 Low
EPSS
Percentile
83.3%
The ValidateUserLogon function in provider/libserver/ECSession.cpp in Zarafa 5.00 before 7.1.8 beta2 allows remote attackers to cause a denial of service (crash) via vectors related to “a NULL pointer of the username.”
Affected configurations
Node
zarafazarafaMatch5.00
ORzarafazarafaMatch5.01
ORzarafazarafaMatch5.02
ORzarafazarafaMatch5.10
ORzarafazarafaMatch5.11
ORzarafazarafaMatch5.20
ORzarafazarafaMatch5.22
ORzarafazarafaMatch6.00
ORzarafazarafaMatch6.01
ORzarafazarafaMatch6.02
ORzarafazarafaMatch6.03
ORzarafazarafaMatch6.10
ORzarafazarafaMatch6.11
ORzarafazarafaMatch6.20
ORzarafazarafaMatch6.20.2
ORzarafazarafaMatch6.20.3
ORzarafazarafaMatch6.20.5
ORzarafazarafaMatch6.20.6
ORzarafazarafaMatch6.20.7
ORzarafazarafaMatch6.20.10
ORzarafazarafaMatch6.20.11
ORzarafazarafaMatch6.20.12
ORzarafazarafaMatch6.30.0
ORzarafazarafaMatch6.30.3
ORzarafazarafaMatch6.30.4
ORzarafazarafaMatch6.30.5
ORzarafazarafaMatch6.30.6
ORzarafazarafaMatch6.30.7
ORzarafazarafaMatch6.30.8
ORzarafazarafaMatch6.30.9
ORzarafazarafaMatch6.30.10
ORzarafazarafaMatch6.30.11
ORzarafazarafaMatch6.30.13
ORzarafazarafaMatch6.30.16
ORzarafazarafaMatch6.30.17
ORzarafazarafaMatch6.40.0
ORzarafazarafaMatch6.40.2
ORzarafazarafaMatch6.40.3
ORzarafazarafaMatch6.40.4
ORzarafazarafaMatch6.40.5
ORzarafazarafaMatch6.40.6
ORzarafazarafaMatch6.40.7
ORzarafazarafaMatch6.40.8
ORzarafazarafaMatch6.40.9
ORzarafazarafaMatch6.40.10
ORzarafazarafaMatch6.40.11
ORzarafazarafaMatch6.40.12
ORzarafazarafaMatch6.40.13
ORzarafazarafaMatch6.40.14
ORzarafazarafaMatch6.40.15
ORzarafazarafaMatch6.40.16
ORzarafazarafaMatch6.40.17
ORzarafazarafaMatch7.0
ORzarafazarafaMatch7.0.1
ORzarafazarafaMatch7.0.2
ORzarafazarafaMatch7.0.3
ORzarafazarafaMatch7.0.4
ORzarafazarafaMatch7.0.5
ORzarafazarafaMatch7.0.6
ORzarafazarafaMatch7.0.7
ORzarafazarafaMatch7.0.8
ORzarafazarafaMatch7.0.9
ORzarafazarafaMatch7.0.10
ORzarafazarafaMatch7.0.11
ORzarafazarafaMatch7.0.12
ORzarafazarafaMatch7.0.13
ORzarafazarafaMatch7.1.0
ORzarafazarafaMatch7.1.1
ORzarafazarafaMatch7.1.2
ORzarafazarafaMatch7.1.3
ORzarafazarafaMatch7.1.4
Related
cve
cve
CVE-2014-0037
2014-04-28 14:09:06
cvelist
cvelist
CVE-2014-0037
2014-04-28 14:00:00
prion
prion
Null pointer dereference
2014-04-28 14:09:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0112)
2022-01-28 00:00:00
Fedora Update for zarafa FEDORA-2014-1900
2014-02-17 00:00:00
Fedora Update for zarafa FEDORA-2014-1900
2014-02-17 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: zarafa-7.1.8-1.fc19
2014-02-15 20:04:25
[SECURITY] Fedora 20 Update: zarafa-7.1.8-1.fc20
2014-02-15 20:02:59
nessus
nessus
Fedora 19 : zarafa-7.1.8-1.fc19 (2014-1883)
2014-02-17 00:00:00
Mandriva Linux Security Advisory : zarafa (MDVSA-2014:044)
2014-02-20 00:00:00
Fedora 20 : zarafa-7.1.8-1.fc20 (2014-1900)
2014-02-17 00:00:00
securityvulns
securityvulns
[ MDVSA-2014:044 ] zarafa
2014-05-05 00:00:00
Zarafa DoS
2014-05-05 00:00:00
mageia
mageia
Updated zarafa packages fix security vulnerabilities
2014-03-02 02:57:23
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.3 Medium
AI Score
Confidence
High
0.01 Low
EPSS
Percentile
83.3%
Related for NVD:CVE-2014-0037