3 matches found
Open-Xchange Security Advisory 2014-04-08
Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Vulnerability type: Information exposure CWE-200 Vulnerable version: 7.4.2 and earlier Vulnerable component: frontend Fixed version: 7.4.2-rev13, 7.4.1-rev11, 7.2.2-rev20 Report confidence: Confirmed Solution status: Fixed by Vendor Vendor...
CVE-2014-2391
Open-Xchange AppSuite is affected (versions before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13). The password recovery service improperly treats a string tied to a previously used but invalid password, allowing information exposure via GET parameters present in web server ...
Open-Xchange AppSuite信息泄露漏洞
Bugtraq ID:66694 CVE ID:CVE-2014-2391 Open-Xchange Server是部分开源的项目,主要开发协同软件,例如电子邮件、日历等。 Open-Xchange AppSuite 7.4.2 及更早版本在实现上存在信息泄露漏洞,本地用户可利用此漏洞访问敏感信息。 0 open-xchange OX App Suite 7.4.2 目前厂商已经发布了升级补丁以修复漏洞,请下载使用: http://www.open-xchange.com/home.html...