EUVD-2013-6923

Malware in sbrugna...

CVE-2013-7140

XML External Entity XXE vulnerability in the CalDAV interface in Open-Xchange OX AppSuite 7.4.1 and earlier allows remote authenticated users to read portions of arbitrary files via vectors related to the SAX builder and the WebDAV interface. NOTE: this issue has been labeled as both absolute pat...

Path traversal

XML External Entity XXE vulnerability in the CalDAV interface in Open-Xchange OX AppSuite 7.4.1 and earlier allows remote authenticated users to read portions of arbitrary files via vectors related to the SAX builder and the WebDAV interface. NOTE: this issue has been labeled as both absolute pat...

CVE-2013-7140

XML External Entity XXE vulnerability in the CalDAV interface in Open-Xchange OX AppSuite 7.4.1 and earlier allows remote authenticated users to read portions of arbitrary files via vectors related to the SAX builder and the WebDAV interface. NOTE: this issue has been labeled as both absolute pat...

CVE-2013-7140

Open-Xchange AppSuite 7.4.1 and earlier is affected by an XML External Entity (XXE) vulnerability in the CalDAV interface (SAX builder and WebDAV). The issue can allow remote authenticated users to read portions of arbitrary files on the server. The root cause is characterized as XXE (and may inc...

Open-Xchange Security Advisory 2014-01-17

Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 30357 Bug ID Vulnerability type: CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page Vulnerable version: 7.4.1 and earlier Vulnerable component: backend Fixed version: 7.2.2-rev29, 7.4.0-rev24,...