Lucene search
K

158 matches found

Prion
Prion
added 2014/01/26 8:55 p.m.19 views

Path traversal

XML External Entity XXE vulnerability in the CalDAV interface in Open-Xchange OX AppSuite 7.4.1 and earlier allows remote authenticated users to read portions of arbitrary files via vectors related to the SAX builder and the WebDAV interface. NOTE: this issue has been labeled as both absolute pat...

4CVSS6.8AI score0.01764EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2014/01/26 8:0 p.m.57 views

CVE-2013-7140

Open-Xchange AppSuite 7.4.1 and earlier is affected by an XML External Entity (XXE) vulnerability in the CalDAV interface (SAX builder and WebDAV). The issue can allow remote authenticated users to read portions of arbitrary files on the server. The root cause is characterized as XXE (and may inc...

4CVSS6.4AI score0.01764EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2014/01/26 8:0 p.m.34 views

CVE-2013-7140

XML External Entity XXE vulnerability in the CalDAV interface in Open-Xchange OX AppSuite 7.4.1 and earlier allows remote authenticated users to read portions of arbitrary files via vectors related to the SAX builder and the WebDAV interface. NOTE: this issue has been labeled as both absolute pat...

6.3AI score0.01764EPSS
Exploits0References5
securityvulns
securityvulns
added 2014/01/19 12:0 a.m.89 views

Open-Xchange Security Advisory 2014-01-17

Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 30357 Bug ID Vulnerability type: CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page Vulnerable version: 7.4.1 and earlier Vulnerable component: backend Fixed version: 7.2.2-rev29, 7.4.0-rev24,...

4.3CVSS0.4AI score0.01792EPSS
Exploits0
securityvulns
securityvulns
added 2011/10/15 12:0 a.m.131 views

APPLE-SA-2011-10-12-1 iOS 5 Software Update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-10-12-1 iOS 5 Software Update iOS 5 Software Update is now available and addresses the following: CalDAV Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch 3rd generation and later, iOS...

10CVSS0.73327EPSS
Exploits41
NVD
NVD
added 2011/10/14 10:55 a.m.19 views

CVE-2011-3253

CalDAV in Apple iOS before 5 does not validate X.509 certificates for SSL sessions, which allows man-in-the-middle attackers to spoof calendar servers and obtain sensitive information via an arbitrary certificate...

2.6CVSS5.3AI score0.00566EPSS
Exploits0References2
Prion
Prion
added 2011/10/14 10:55 a.m.22 views

Design/Logic Flaw

CalDAV in Apple iOS before 5 does not validate X.509 certificates for SSL sessions, which allows man-in-the-middle attackers to spoof calendar servers and obtain sensitive information via an arbitrary certificate...

2.6CVSS5.7AI score0.00566EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2011/10/14 10:0 a.m.51 views

CVE-2011-3253

CalDAV in Apple iOS before 5 does not validate X.509 certificates for SSL sessions, allowing MITM attackers to spoof calendar servers and obtain sensitive information via an arbitrary certificate. Affected: iOS

2.6CVSS5.3AI score0.00566EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2011/10/14 10:0 a.m.25 views

CVE-2011-3253

CalDAV in Apple iOS before 5 does not validate X.509 certificates for SSL sessions, which allows man-in-the-middle attackers to spoof calendar servers and obtain sensitive information via an arbitrary certificate...

5.3AI score0.00566EPSS
Exploits0References2
Prion
Prion
added 2008/06/03 8:32 p.m.23 views

Design/Logic Flaw

Use-after-free vulnerability in Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to trigger memory corruption or possibly execute arbitrary code via an "ATTACH;VALUE=URI:S=osumi" line in a .ics file, which triggers a "resource liberation" bug. NOTE:...

4.3CVSS7.8AI score0.10124EPSS
Exploits4References13Affected Software1
NVD
NVD
added 2008/05/22 1:9 p.m.25 views

CVE-2008-2006

Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to cause a denial of service NULL pointer dereference and application crash or possibly execute arbitrary code via a .ics file containing 1 a large 16-bit integer on a TRIGGER line, or 2 a large integer...

4.3CVSS7.7AI score0.09655EPSS
Exploits4References10
Prion
Prion
added 2008/05/22 1:9 p.m.23 views

Null pointer dereference

Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to cause a denial of service NULL pointer dereference and application crash or possibly execute arbitrary code via a .ics file containing 1 a large 16-bit integer on a TRIGGER line, or 2 a large integer...

4.3CVSS8.3AI score0.09655EPSS
Exploits4References10Affected Software1
Cvelist
Cvelist
added 2008/05/22 10:0 a.m.34 views

CVE-2008-2006

Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to cause a denial of service NULL pointer dereference and application crash or possibly execute arbitrary code via a .ics file containing 1 a large 16-bit integer on a TRIGGER line, or 2 a large integer...

7.7AI score0.09655EPSS
Exploits4References10
CVE
CVE
added 2008/05/22 10:0 a.m.62 views

CVE-2008-2006

Summary of the CVE-2008-2006 family (Apple iCal) : The iCal client on Mac OS X 10.5.x (notably 3.0.1; affected up to 10.5.2; PoCs mention 3.0.1/3.0.2) contains multiple input-validation bugs in ICS parsing. Root causes include (1) integer overflow/null-pointer dereference on a COUNT value in an R...

4.3CVSS7.7AI score0.09655EPSS
Exploits4References10Affected Software1
Prion
Prion
added 2007/11/14 1:46 a.m.7 views

Design/Logic Flaw

Unspecified vulnerability in Really Simple CalDAV Store RSCDS before 0.9.0 allows attackers to obtain sensitive information via unspecified vectors...

5CVSS6.5AI score0.01043EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2007/11/14 1:46 a.m.12 views

CVE-2007-5953

Unspecified vulnerability in Really Simple CalDAV Store RSCDS before 0.9.0 allows attackers to obtain sensitive information via unspecified vectors...

5CVSS6AI score0.01043EPSS
Exploits0References4
Cvelist
Cvelist
added 2007/11/14 1:0 a.m.17 views

CVE-2007-5953

Unspecified vulnerability in Really Simple CalDAV Store RSCDS before 0.9.0 allows attackers to obtain sensitive information via unspecified vectors...

6AI score0.01043EPSS
Exploits0References4
CVE
CVE
added 2007/11/14 1:0 a.m.38 views

CVE-2007-5953

Technical details about CVE-2007-5953 are not provided in the included documents. Monitor for updates; the RSCDS project before 0.9.0 is described as allowing information disclosure via unspecified vectors.

5CVSS6AI score0.01043EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder