| Max CVSS | 2.1 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-5448 | 2.1 |
Zarafa 5.00 uses world-readable permissions for the files in the log directory, which allows local users to obtain sensitive information by reading the log files.
|
08-09-2017 - 01:29 | 20-10-2014 - 15:55 | |
| CVE-2014-5449 | 2.1 |
Zarafa WebAccess 4.1 and WebApp uses world-readable permissions for the files in their tmp directory, which allows local users to obtain sensitive information by reading temporary session data.
|
08-09-2017 - 01:29 | 20-10-2014 - 15:55 | |
| CVE-2014-5447 | 2.1 |
Zarafa WebAccess 7.1.10 and WebApp 1.6 beta uses weak permissions (644) for config.php, which allows local users to obtain sensitive information by reading the PHP session files. NOTE: this vulnerability exists because of an incomplete fix for CVE-2
|
17-11-2015 - 16:28 | 20-10-2014 - 15:55 | |
| CVE-2014-0103 | 2.1 |
WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files.
|
04-11-2015 - 17:35 | 29-07-2014 - 14:55 |