Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Open-Xchange Security Advisory 2015-04-27

From: Martin Heiland <martin.heiland.lists () open-xchange com>
Date: Mon, 27 Apr 2015 17:08:23 +0200 (CEST)
Product: Open-Xchange Server 6 / OX AppSuite
Vendor: Open-Xchange GmbH

Internal reference: 35982 (Bug ID)
Vulnerability type: Cross-Site Scripting (CWE-80)
Vulnerable version: 7.6.1
Vulnerable component: backend
Report confidence: Confirmed
Solution status: Fixed by Vendor
Fixed version: 7.6.1-rev21
Vendor notification: 2015-01-07
Solution date: 2015-03-02
CVE reference: CVE-2015-1588
CVSSv2: 5.7 (AV:N/AC:M/Au:N/C:P/I:N/A:N/E:POC/RL:U/RC:C/CDP:LM/TD:H/CR:ND/IR:ND/AR:ND)

Vulnerability Details:
The sanitation and cleaner engine of OX AppSuite can be exploitet to return valid script code that gets executed by 
certain browsers. Such filter evasion requires rather good kowledge of the filtering algorithm and carefully crafted 
script code.

Risk:
Malicious script code can be executed within a users context. This can lead to session hijacking or triggering unwanted 
actions via the web interface (sending mail, deleting data etc.). Potential attack vectors are E-Mail (via attachments) 
or Drive.

Solution:
Users should update to the latest patch releases 7.6.1-rev21 (or later).



Internal reference: 36024 (Bug ID)
Vulnerability type: Cross-Site Scripting (CWE-80)
Vulnerable version: 7.6.1 and earlier
Vulnerable component: backend
Report confidence: Confirmed
Solution status: Fixed by Vendor
Fixed version: 7.4.2-rev43, 7.6.0-rev38, 7.6.1-rev21
Vendor notification: 2015-01-09
Solution date: 2015-03-02
CVE reference: CVE-2015-1588
CVSSv2: 4.1 (AV:N/AC:M/Au:N/C:P/I:N/A:N/E:F/RL:U/RC:C/CDP:ND/TD:H/CR:ND/IR:ND/AR:ND)

Vulnerability Details:
Inline-styles of HTML content can be used to place a element at the complete viewport of the application. This element 
can be a hyperlink which may trick users to trust third party and potentially malicious content.

Risk:
The application can become unresponsible or unusable when selecting certain contant. Furthermore, users may get tricked 
to open hyperlinks or consume injected content (images, text) at unexpected places of the application for unsolicited 
advertising and social-engineering attacks.

Solution:
Users should update to the latest patch releases 7.4.2-rev43, 7.6.0-rev38, 7.6.1-rev21 (or later).
Previous By Date Next
Previous By Thread Next

Current thread: