ID de Prueba:	1.3.6.1.4.1.25623.1.0.806070
Categoría:	Web application abuses
Título:	Open-Xchange (OX) App Suite Multiple Vulnerabilities -02 (Oct 2015)
Resumen:	Open-Xchange (OX) App Suite is prone to multiple vulnerabilities.
Descripción:	Summary: Open-Xchange (OX) App Suite is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - Crafted OLE Objects within OpenDocument Text files can be used to reference objects with absolute or relative paths. - Server-side request forgery (SSRF) vulnerability in the documentconverter component in Open-Xchange (OX) AppSuite Vulnerability Impact: Successful exploitation will allow attackers to access or read arbitrary files that contain sensitive information, to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. Affected Software/OS: Open-Xchange (OX) App Suite versions before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10. Solution: Update to version 7.4.2-rev10 or 7.6.0-rev10 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-5236 http://packetstormsecurity.com/files/128257/Open-Xchange-7.6.0-XSS-SSRF-Traversal.html http://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_2112_7.6.0_2014-08-25.pdf http://www.securityfocus.com/archive/1/archive/1/533443/100/0/threaded Common Vulnerability Exposure (CVE) ID: CVE-2014-5237 Bugtraq: 20140915 Open-Xchange Security Advisory 2014-09-15 (Google Search) http://www.securityfocus.com/archive/1/533443/100/0/threaded
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.