Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0037

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2014-0037
Last Modified 29 Apr 2014 07:35:51
Published 28 Apr 2014 10:09:06
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-0037

Summary

The ValidateUserLogon function in provider/libserver/ECSession.cpp in Zarafa 5.00 before 7.1.8 beta2 allows remote attackers to cause a denial of service (crash) via vectors related to "a NULL pointer of the username."

Vulnerable Systems

Application

  • Zarafa 5.00

  • Zarafa 5.01

  • Zarafa 5.02

  • Zarafa 5.10

  • Zarafa 5.11

  • Zarafa 5.20

  • Zarafa 5.22

  • Zarafa 6.00

  • Zarafa 6.01

  • Zarafa 6.02

  • Zarafa 6.03

  • Zarafa 6.10

  • Zarafa 6.11

  • Zarafa 6.20

  • Zarafa 6.20.10

  • Zarafa 6.20.11

  • Zarafa 6.20.12

  • Zarafa 6.20.2

  • Zarafa 6.20.3

  • Zarafa 6.20.5

  • Zarafa 6.20.6

  • Zarafa 6.20.7

  • Zarafa 6.30.0

  • Zarafa 6.30.10

  • Zarafa 6.30.11

  • Zarafa 6.30.13

  • Zarafa 6.30.16

  • Zarafa 6.30.17

  • Zarafa 6.30.3

  • Zarafa 6.30.4

  • Zarafa 6.30.5

  • Zarafa 6.30.6

  • Zarafa 6.30.7

  • Zarafa 6.30.8

  • Zarafa 6.30.9

  • Zarafa 6.40.0

  • Zarafa 6.40.10

  • Zarafa 6.40.11

  • Zarafa 6.40.12

  • Zarafa 6.40.13

  • Zarafa 6.40.14

  • Zarafa 6.40.15

  • Zarafa 6.40.16

  • Zarafa 6.40.17

  • Zarafa 6.40.2

  • Zarafa 6.40.3

  • Zarafa 6.40.4

  • Zarafa 6.40.5

  • Zarafa 6.40.6

  • Zarafa 6.40.7

  • Zarafa 6.40.8

  • Zarafa 6.40.9

  • Zarafa 7.0

  • Zarafa 7.0.1

  • Zarafa 7.0.10

  • Zarafa 7.0.11

  • Zarafa 7.0.12

  • Zarafa 7.0.13

  • Zarafa 7.0.2

  • Zarafa 7.0.3

  • Zarafa 7.0.4

  • Zarafa 7.0.5

  • Zarafa 7.0.6

  • Zarafa 7.0.7

  • Zarafa 7.0.8

  • Zarafa 7.0.9

  • Zarafa 7.1.0

  • Zarafa 7.1.1

  • Zarafa 7.1.2

  • Zarafa 7.1.3

  • Zarafa 7.1.4


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=1059903

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=1056767

MLIST - [oss-security] 20140131 Security Flaw CVE-2014-0037

MANDRIVA - MDVSA-2014:044


Last Updated: 27 May 2016 11:05:06