3 matches found
CVE-2013-5035
Multiple race conditions in HtmlCleaner before 2.6, as used in Open-Xchange AppSuite 7.2.2 before rev13 and other products, allow remote authenticated users to read the private e-mail of other persons in opportunistic circumstances by leveraging lack of thread safety and performing a rapid series...
Open-Xchange Security Advisory 2013-08-16
Product: Open-Xchange AppSuite / HTMLCleaner Vendor: Open-Xchange GmbH / HTMLCleaner team Internal reference: 27708 Open-Xchange Bug ID, 86 HTMLcleaner ticket Vulnerability type: Race condition within a thread CWE-366 Vulnerable version: 7.2.2 Vulnerable component: backend Fixed version:...
CVE-2013-5035
Vulnerability: Race conditions in HtmlCleaner (library used by Open-Xchange AppSuite) allow remote authenticated users to read other users’ private emails when rapid mail-send or draft-save operations occur. Affected versions: HtmlCleaner prior to 2.6; Open-Xchange AppSuite 7.2.2 before rev13 (an...