Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:30379
HistoryMar 24, 2014 - 12:00 a.m.

Open-Xchange Security Advisory 2014-03-17

2014-03-2400:00:00
vulners.com
19
JSON

Product: Open-Xchange AppSuite
Vendor: Open-Xchange GmbH

Internal reference: 31065
Vulnerability type: Cross Site Scripting (CWE-80)
Vulnerable version: 7.4.1 and 7.4.2
Vulnerable component: frontend
Report confidence: Confirmed
Solution status: Fixed by Vendor
Fixed version: 7.4.1-rev10, 7.4.2-rev8
Vendor notification: 2014-02-11
Solution date: 2014-02-28
Public disclosure: 2014-03-17
CVE reference: CVE-2014-2077
CVSSv2: 5.7 (AV:N/AC:M/Au:N/C:P/I:N/A:N/E:POC/RL:U/RC:C/CDP:LM/TD:H/CR:ND/IR:ND/AR:ND)

Vulnerability Details:
Script code that gets entered to the subject field of a mail, either by direct typing or using reply/forward, gets executed. This is caused by "aria" tags for screenreaders at the top bar, which do not use sanitized versions of the content. Note that just reading such a mail will not trigger the malicious code.

Risk:
Malicious script code can be executed within a users context. This can lead to session hijacking or triggering unwanted actions via the web interface (sending mail, deleting data etc.).

Solution:
Users should update to the latest patch releases. Users should avoid replying or forwarding mails from untrusted sources that contain suspicious subjects.

Internal reference: 31185 (Bug ID)
Vulnerability type: Information exposure (CWE-200)
Vulnerable version: 7.4.2
Vulnerable component: backend
Report confidence: Confirmed
Solution status: Fixed by Vendor
Fixed version: 7.4.2-rev9
Vendor notification: 2014-02-18
Solution date: 2014-02-26
Public disclosure: 2014-03-17
CVE reference: CVE-2014-2078
CVSSv2: 3.9 (AV:N/AC:L/Au:M/C:P/I:N/A:N/E:F/RL:U/RC:C/CDP:LM/TD:M/CR:ND/IR:ND/AR:ND)

Vulnerability Details:
Under some circumstances it may happen that E-Mail auto configuration for external accounts fails and returns an email address from a previously failing configuration attempt from any other user of the system.

Risk:
Users may gain unauthorised access to other users data e.g. mail addresses. Note that passwords are not affected by this.

Solution:
Users should update to the latest patch releases. As a temporary workaround, auto configuration for mail could be disabled at the backend:
$ /opt/open-xchange/sbin/stopbundle com.openexchange.mail.autoconfig.json

Related

openvas 2
cve 2
seebug 1
prion 2
securityvulns 1
openvas
openvas
Open-Xchange AppSuite Email Subject Cross Site Scripting Vulnerability
2015-10-13 00:00:00
Open-Xchange AppSuite Email Configuration Information Disclosure Vulnerability
2015-10-09 00:00:00
cve
cve
CVE-2014-2077
2014-03-20 16:55:00
CVE-2014-2078
2018-04-10 15:29:00
seebug
seebug
Open-Xchange Server Email Subject脚本注入漏洞
2014-03-19 00:00:00
prion
prion
Cross site scripting
2014-03-20 16:55:00
Open redirect
2018-04-10 15:29:00
securityvulns
securityvulns
OpenXchange crossite scripting
2014-03-24 00:00:00
JSON
Related for SECURITYVULNS:DOC:30379
openvas2cve2seebug1prion2securityvulns1