CVE-2014-0079

N/A

Descricao

The ValidateUserLogon function in provider/libserver/ECSession.cpp in Zarafa 7.1.8, 6.20.0, and earlier, when using certain build conditions, allows remote attackers to cause a denial of service (crash) via vectors related to "a NULL pointer of the password."

Detalhes CVE

Pontuacao CVSS v3.1N/A

Publicado4/28/2014

Ultima modificacao4/12/2025

Fontenvd

Avistamentos honeypot0

Produtos afetados

zarafa:zarafa

Fraquezas (CWE)

CWE-20

Referencias

http://www.mandriva.com/security/advisories?name=MDVSA-2014:044(secalert@redhat.com)

https://bugzilla.redhat.com/show_bug.cgi?id=1059903(secalert@redhat.com)

http://www.mandriva.com/security/advisories?name=MDVSA-2014:044(af854a3a-2127-422b-91ae-364da2661108)

https://bugzilla.redhat.com/show_bug.cgi?id=1059903(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.