Vulnerabilites related to kolab - kolab_server
cve-2009-4824
Vulnerability from cvelistv5
Published
2010-04-27 15:00
Modified
2024-08-07 07:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab Server before 2.2.3 allows attackers to have an unspecified impact via vectors related to an "image upload form."
References
| ▼ | URL | Tags |
|---|---|---|
| http://files.kolab.org/server/release/kolab-server-2.2.3/sources/release-notes.txt | x_refsource_CONFIRM | |
| http://secunia.com/advisories/37918 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2010:108 | vendor-advisory, x_refsource_MANDRIVA | |
| http://osvdb.org/61301 | vdb-entry, x_refsource_OSVDB | |
| http://www.vupen.com/english/advisories/2010/1245 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/37465 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:17:25.385Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://files.kolab.org/server/release/kolab-server-2.2.3/sources/release-notes.txt"
},
{
"name": "37918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37918"
},
{
"name": "MDVSA-2010:108",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:108"
},
{
"name": "61301",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/61301"
},
{
"name": "ADV-2010-1245",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1245"
},
{
"name": "37465",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37465"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab Server before 2.2.3 allows attackers to have an unspecified impact via vectors related to an \"image upload form.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-06-05T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://files.kolab.org/server/release/kolab-server-2.2.3/sources/release-notes.txt"
},
{
"name": "37918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37918"
},
{
"name": "MDVSA-2010:108",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:108"
},
{
"name": "61301",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/61301"
},
{
"name": "ADV-2010-1245",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1245"
},
{
"name": "37465",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37465"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4824",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab Server before 2.2.3 allows attackers to have an unspecified impact via vectors related to an \"image upload form.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://files.kolab.org/server/release/kolab-server-2.2.3/sources/release-notes.txt",
"refsource": "CONFIRM",
"url": "http://files.kolab.org/server/release/kolab-server-2.2.3/sources/release-notes.txt"
},
{
"name": "37918",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37918"
},
{
"name": "MDVSA-2010:108",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:108"
},
{
"name": "61301",
"refsource": "OSVDB",
"url": "http://osvdb.org/61301"
},
{
"name": "ADV-2010-1245",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1245"
},
{
"name": "37465",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37465"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4824",
"datePublished": "2010-04-27T15:00:00",
"dateReserved": "2010-04-27T00:00:00",
"dateUpdated": "2024-08-07T07:17:25.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-4510
Vulnerability from cvelistv5
Published
2007-08-23 19:00
Modified
2024-08-07 15:01
Severity ?
EPSS score ?
Summary
ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service (application crash) via (1) a crafted RTF file, which triggers a NULL dereference in the cli_scanrtf function in libclamav/rtf.c; or (2) a crafted HTML document with a data: URI, which triggers a NULL dereference in the cli_html_normalise function in libclamav/htmlnorm.c. NOTE: some of these details are obtained from third party information.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "clamav-rtf-dos(36173)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36173"
},
{
"name": "GLSA-200709-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200709-14.xml"
},
{
"name": "26552",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26552"
},
{
"name": "26822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26822"
},
{
"name": "26916",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26916"
},
{
"name": "25398",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25398"
},
{
"name": "26683",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26683"
},
{
"name": "FEDORA-2007-2050",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00104.html"
},
{
"name": "DSA-1366",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1366"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kolab.org/security/kolab-vendor-notice-17.txt"
},
{
"name": "3054",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3054"
},
{
"name": "ADV-2008-0924",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name": "26530",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26530"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=611"
},
{
"name": "2007-0026",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2007/0026/"
},
{
"name": "29420",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29420"
},
{
"name": "SUSE-SR:2007:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_18_sr.html"
},
{
"name": "APPLE-SA-2008-03-18",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=582"
},
{
"name": "26751",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26751"
},
{
"name": "26654",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26654"
},
{
"name": "clamav-clihtmlnormalise-dos(36177)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36177"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name": "MDKSA-2007:172",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:172"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=533658"
},
{
"name": "ADV-2007-2952",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2952"
},
{
"name": "26674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26674"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service (application crash) via (1) a crafted RTF file, which triggers a NULL dereference in the cli_scanrtf function in libclamav/rtf.c; or (2) a crafted HTML document with a data: URI, which triggers a NULL dereference in the cli_html_normalise function in libclamav/htmlnorm.c. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "clamav-rtf-dos(36173)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36173"
},
{
"name": "GLSA-200709-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200709-14.xml"
},
{
"name": "26552",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26552"
},
{
"name": "26822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26822"
},
{
"name": "26916",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26916"
},
{
"name": "25398",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25398"
},
{
"name": "26683",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26683"
},
{
"name": "FEDORA-2007-2050",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00104.html"
},
{
"name": "DSA-1366",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1366"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kolab.org/security/kolab-vendor-notice-17.txt"
},
{
"name": "3054",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3054"
},
{
"name": "ADV-2008-0924",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name": "26530",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26530"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=611"
},
{
"name": "2007-0026",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2007/0026/"
},
{
"name": "29420",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29420"
},
{
"name": "SUSE-SR:2007:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_18_sr.html"
},
{
"name": "APPLE-SA-2008-03-18",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=582"
},
{
"name": "26751",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26751"
},
{
"name": "26654",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26654"
},
{
"name": "clamav-clihtmlnormalise-dos(36177)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36177"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name": "MDKSA-2007:172",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:172"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=533658"
},
{
"name": "ADV-2007-2952",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2952"
},
{
"name": "26674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26674"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4510",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service (application crash) via (1) a crafted RTF file, which triggers a NULL dereference in the cli_scanrtf function in libclamav/rtf.c; or (2) a crafted HTML document with a data: URI, which triggers a NULL dereference in the cli_html_normalise function in libclamav/htmlnorm.c. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "clamav-rtf-dos(36173)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36173"
},
{
"name": "GLSA-200709-14",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200709-14.xml"
},
{
"name": "26552",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26552"
},
{
"name": "26822",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26822"
},
{
"name": "26916",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26916"
},
{
"name": "25398",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25398"
},
{
"name": "26683",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26683"
},
{
"name": "FEDORA-2007-2050",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00104.html"
},
{
"name": "DSA-1366",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1366"
},
{
"name": "http://kolab.org/security/kolab-vendor-notice-17.txt",
"refsource": "CONFIRM",
"url": "http://kolab.org/security/kolab-vendor-notice-17.txt"
},
{
"name": "3054",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3054"
},
{
"name": "ADV-2008-0924",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name": "26530",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26530"
},
{
"name": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=611",
"refsource": "CONFIRM",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=611"
},
{
"name": "2007-0026",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0026/"
},
{
"name": "29420",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29420"
},
{
"name": "SUSE-SR:2007:018",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_18_sr.html"
},
{
"name": "APPLE-SA-2008-03-18",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"name": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=582",
"refsource": "CONFIRM",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=582"
},
{
"name": "26751",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26751"
},
{
"name": "26654",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26654"
},
{
"name": "clamav-clihtmlnormalise-dos(36177)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36177"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=307562",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name": "MDKSA-2007:172",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:172"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=533658",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=533658"
},
{
"name": "ADV-2007-2952",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2952"
},
{
"name": "26674",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26674"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4510",
"datePublished": "2007-08-23T19:00:00",
"dateReserved": "2007-08-23T00:00:00",
"dateUpdated": "2024-08-07T15:01:09.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2010-04-27 15:30
Modified
2024-11-21 01:10
Severity ?
Summary
Unspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab Server before 2.2.3 allows attackers to have an unspecified impact via vectors related to an "image upload form."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kolab | kolab_server | * | |
| kolab | kolab_server | 2.1.0 | |
| kolab | kolab_server | 2.1.0 | |
| kolab | kolab_server | 2.1.0 | |
| kolab | kolab_server | 2.1.0 | |
| kolab | kolab_server | 2.1.0 | |
| kolab | kolab_server | 2.1.0 | |
| kolab | kolab_server | 2.1.0 | |
| kolab | kolab_server | 2.2 | |
| kolab | kolab_server | 2.2 | |
| kolab | kolab_server | 2.2 | |
| kolab | kolab_server | 2.2 | |
| kolab | kolab_server | 2.2 | |
| kolab | kolab_server | 2.2 | |
| kolab | kolab_server | 2.2.0 | |
| kolab | kolab_server | 2.2.1 | |
| kolab | kolab_server | 2.2.1 | |
| kolab | kolab_server | 2.2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kolab:kolab_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05B3AFFF-A4E9-451C-B2C4-2CBB72DC9EA7",
"versionEndIncluding": "2.2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1DB7A07-AB42-4BAC-9B44-EBA7E7A77C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.1.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "F3385D4A-53F2-4523-B82E-58245DBC04BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.1.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "D0FBB15C-80CE-41FB-8F9C-179C008B1B3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.1.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "D7E74881-422D-4341-9C03-48FC87CD07C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.1.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "AA9E1F54-EAB9-41E0-99FE-6A41C0653C1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "434A19E3-6C6A-40A4-96BA-625DE29EB03B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "393D496F-46FF-498F-B879-B753D21908DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.2:beta1:*:*:*:*:*:*",
"matchCriteriaId": "955EF3D9-90E8-409A-99FC-3ECCF1049C30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.2:beta2:*:*:*:*:*:*",
"matchCriteriaId": "F697D5ED-4ED6-477E-9DE9-B9CCCFD1751A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.2:beta3:*:*:*:*:*:*",
"matchCriteriaId": "A202A8CC-CEF4-4F5C-A513-2B5BFD62DCA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "5AB4DDA3-6A6E-426F-B1FD-72FD02D457DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "92DB6988-16CB-49D6-AA6D-4D969913D1F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F4B45928-4350-4834-A71B-26BDAADF80DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3510F066-E4BE-4D19-A672-2D3116232269",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C3595B-5E8A-4D96-A902-01D21DCFAD9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.2.1:beta1:*:*:*:*:*:*",
"matchCriteriaId": "38B3E4EC-A1A6-4B53-A865-99679F5A842F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.2.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B47B3E36-B4C9-4BE6-8AE2-81C7080BE284",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab Server before 2.2.3 allows attackers to have an unspecified impact via vectors related to an \"image upload form.\""
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Kolab Webclient anterior v1.2.0 en Kolab Server anterior v2.2.3 permite a atacantes remotos tener un impacto no especificado a trav\u00e9s de vectores relacionados con un \"formulario de carga de imagen\"\r\n"
}
],
"id": "CVE-2009-4824",
"lastModified": "2024-11-21T01:10:33.190",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-04-27T15:30:00.983",
"references": [
{
"source": "cve@mitre.org",
"url": "http://files.kolab.org/server/release/kolab-server-2.2.3/sources/release-notes.txt"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/61301"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37918"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:108"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/37465"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2010/1245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://files.kolab.org/server/release/kolab-server-2.2.3/sources/release-notes.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/61301"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/37465"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/1245"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-08-23 19:17
Modified
2024-11-21 00:35
Severity ?
Summary
ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service (application crash) via (1) a crafted RTF file, which triggers a NULL dereference in the cli_scanrtf function in libclamav/rtf.c; or (2) a crafted HTML document with a data: URI, which triggers a NULL dereference in the cli_html_normalise function in libclamav/htmlnorm.c. NOTE: some of these details are obtained from third party information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clam_anti-virus | clamav | * | |
| kolab | kolab_server | 2.0 | |
| kolab | kolab_server | 2.0.1 | |
| kolab | kolab_server | 2.0.2 | |
| kolab | kolab_server | 2.0.3 | |
| kolab | kolab_server | 2.0.4 | |
| kolab | kolab_server | 2.1 | |
| kolab | kolab_server | 2.2beta1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A6B4E75-086D-4141-9C09-0C13F5AC2456",
"versionEndIncluding": "0.91.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B44412B2-C4BE-48E3-9E6F-E76431287A55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56D0BD75-65EE-41CA-A646-F476543D5D88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB32C390-2F52-420E-AF61-345B086860D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C65A4464-1321-4735-9A0E-E4AEBB47AE2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6B9E1099-5E39-42BE-B3CF-64CEC56466C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA9889A6-0A8C-4313-A976-F641E9190436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kolab:kolab_server:2.2beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "6C011D46-31F9-47BC-8BF2-682823B0F2DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service (application crash) via (1) a crafted RTF file, which triggers a NULL dereference in the cli_scanrtf function in libclamav/rtf.c; or (2) a crafted HTML document with a data: URI, which triggers a NULL dereference in the cli_html_normalise function in libclamav/htmlnorm.c. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "ClamAV anterior a 0.91.2, usado en Kolab Server 2.0 hasta 2.2.beta1 y otros productos, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) mediante (1) un archivo RTF manipulado, que dispara una referencia a NULL en la funci\u00f3n cli-scanrtf de libclamav/rtf.c; o (2) un documento HTML manipulado con un URI data:, el cual dispara una referencia a NULL en la funci\u00f3n cli_html_normalise de libclamav/htmlnorm.c. NOTA: algunos de estos detalles se han obtenido de informaci\u00f3n de terceros."
}
],
"id": "CVE-2007-4510",
"lastModified": "2024-11-21T00:35:46.190",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-08-23T19:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"source": "cve@mitre.org",
"url": "http://kolab.org/security/kolab-vendor-notice-17.txt"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26530"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26552"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26654"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26674"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26683"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26751"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26822"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26916"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29420"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200709-14.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3054"
},
{
"source": "cve@mitre.org",
"url": "http://sourceforge.net/project/shownotes.php?release_id=533658"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2007/dsa-1366"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:172"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2007_18_sr.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25398"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/2007/0026/"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2952"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36173"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36177"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00104.html"
},
{
"source": "cve@mitre.org",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=582"
},
{
"source": "cve@mitre.org",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=611"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kolab.org/security/kolab-vendor-notice-17.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26552"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26654"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26674"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26683"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26751"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26916"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200709-14.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/project/shownotes.php?release_id=533658"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2007/dsa-1366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2007_18_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2007/0026/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2952"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00104.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=611"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}