5 matches found
Zimbra Code Issues Vulnerabilities
Zimbra is the United States Zimbra company's set of open source e-mail collaboration platform. A code issue vulnerability exists in the /service/upload program in the Webmail subsystem in versions of Zimbra prior to 8.8.15 Patch 10 and 9.x prior to 9.0.0 Patch 3, which can be exploited by an...
CVE-2020-12846
Zimbra before 8.8.15 Patch 10 and 9.x before 9.0.0 Patch 3 allows remote code execution via an avatar file. There is potential abuse of /service/upload servlet in the webmail subsystem. A user can upload executable files exe,sh,bat,jar in the Contact section of the mailbox as an avatar image for ...
Remote code execution
Zimbra before 8.8.15 Patch 10 and 9.x before 9.0.0 Patch 3 allows remote code execution via an avatar file. There is potential abuse of /service/upload servlet in the webmail subsystem. A user can upload executable files exe,sh,bat,jar in the Contact section of the mailbox as an avatar image for ...
CVE-2020-12846
Zimbra before 8.8.15 Patch 10 and 9.x before 9.0.0 Patch 3 allows remote code execution via an avatar file. There is potential abuse of /service/upload servlet in the webmail subsystem. A user can upload executable files exe,sh,bat,jar in the Contact section of the mailbox as an avatar image for ...
Buffer overflow in IPSwitch IMail
Buffer overflow in LDAP and webmail subsystem...