Open-Xchange Security Advisory 2015-04-27
- To: bugtraq <bugtraq@xxxxxxxxxxxxxxxxx>
- Subject: Open-Xchange Security Advisory 2015-04-27
- From: Martin Heiland <martin.heiland.lists@xxxxxxxxxxxxxxxx>
- Date: Mon, 27 Apr 2015 17:08:23 +0200 (CEST)
Product: Open-Xchange Server 6 / OX AppSuite
Vendor: Open-Xchange GmbH
Internal reference: 35982 (Bug ID)
Vulnerability type: Cross-Site Scripting (CWE-80)
Vulnerable version: 7.6.1
Vulnerable component: backend
Report confidence: Confirmed
Solution status: Fixed by Vendor
Fixed version: 7.6.1-rev21
Vendor notification: 2015-01-07
Solution date: 2015-03-02
CVE reference: CVE-2015-1588
CVSSv2: 5.7 (AV:N/AC:M/Au:N/C:P/I:N/A:N/E:POC/RL:U/RC:C/CDP:LM/TD:H/CR:ND/IR:ND/AR:ND)
Vulnerability Details:
The sanitation and cleaner engine of OX AppSuite can be exploited to return
valid script code that gets executed by certain browsers. Such filter evasion
requires rather good knowledge of the filtering algorithm and carefully crafted
script code.
Risk:
Malicious script code can be executed within a user's context. This can lead to
session hijacking or triggering unwanted actions via the web interface (sending
mail, deleting data etc.). Potential attack vectors are E-Mail (via
attachments) or Drive.
Solution:
Users should update to the latest patch releases 7.6.1-rev21 (or later).

Internal reference: 36024 (Bug ID)
Vulnerability type: Cross-Site Scripting (CWE-80)
Vulnerable version: 7.6.1 and earlier
Vulnerable component: backend
Report confidence: Confirmed
Solution status: Fixed by Vendor
Fixed version: 7.4.2-rev43, 7.6.0-rev38, 7.6.1-rev21
Vendor notification: 2015-01-09
Solution date: 2015-03-02
CVE reference: CVE-2015-1588
CVSSv2: 4.1 (AV:N/AC:M/Au:N/C:P/I:N/A:N/E:F/RL:U/RC:C/CDP:ND/TD:H/CR:ND/IR:ND/AR:ND)
Vulnerability Details:
Inline styles of HTML content can be used to place an element over the complete
viewport of the application. This element can be a hyperlink which may trick
users into trusting third-party and potentially malicious content.
Risk:
The application can become unresponsive or unusable when selecting certain
content. Furthermore, users may get tricked into opening hyperlinks or consuming
injected content (images, text) at unexpected places of the application for
unsolicited advertising and social-engineering attacks.
Solution:
Users should update to the latest patch releases 7.4.2-rev43, 7.6.0-rev38,
7.6.1-rev21 (or later).
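
An added example, not part of the advisory and not Open-Xchange's fix: one way a sanitizer can stop inline styles from placing content over the application, as described for bug 36024, is an allow-list of style properties. The property list, value pattern and function names are assumptions, and the markup is assumed to have already passed tag and attribute sanitizing (no script or style elements).

```python
import re
from html import escape
from html.parser import HTMLParser

# Assumed allow-list: text-presentation properties that keep an element in flow.
ALLOWED_PROPS = {"color", "background-color", "font-family", "font-size",
                 "font-style", "font-weight", "text-align", "text-decoration"}
# Plain values only: escapes, comments, quotes and functions such as url() fail.
SAFE_VALUE = re.compile(r"[a-z0-9#%.,\s-]+", re.I)

def filter_style(style):
    """Keep only allow-listed declarations of one inline style attribute."""
    kept = []
    for decl in style.split(";"):
        name, sep, value = decl.partition(":")
        name, value = name.strip().lower(), value.strip()
        if sep and name in ALLOWED_PROPS and SAFE_VALUE.fullmatch(value):
            kept.append(f"{name}: {value}")
    return "; ".join(kept)

class StyleFilter(HTMLParser):
    """Re-serialises markup with filtered style attributes; comments are dropped."""
    def __init__(self):
        super().__init__()  # character references are decoded before filtering
        self.out = []
    def handle_starttag(self, tag, attrs):
        parts = [tag]
        for key, val in attrs:
            if key == "style":
                val = filter_style(val or "")
            if key != "style" or val:  # drop style attributes left empty
                parts.append(key if val is None else f'{key}="{escape(val, quote=True)}"')
        self.out.append("<" + " ".join(parts) + ">")
    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)
    def handle_endtag(self, tag):
        self.out.append(f"</{tag}>")
    def handle_data(self, data):
        self.out.append(escape(data, quote=False))

def filter_inline_styles(html):
    parser = StyleFilter()
    parser.feed(html)
    parser.close()
    return "".join(parser.out)

# Constructed sample: a normal paragraph and a link styled to cover the viewport.
SAMPLE = ('<p style="color: #333; font-size: 12px">Hello</p>'
          '<a href="https://example.invalid/" style="POSITION:fixed;top:0;left:0;'
          'width:100%;height:100%;z-index:9999">offer</a>')
```

Because the filter keeps only known property names with plain values, variants written with CSS escapes, comments or character references are dropped without needing a pattern for each.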