Showing 1 - 1 of 1

CVE-2014-5237

Status Candidate

Overview

Server-side request forgery (SSRF) vulnerability in the documentconverter component in Open-Xchange (OX) AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allows remote attackers to trigger requests to arbitrary servers and embed arbitrary images via a URL in an embedded image in a Text document, which is not properly handled by the image preview.

Related Files

Open-Xchange 7.6.0 XSS / SSRF / Traversal: Posted Sep 15, 2014; Authored by Martin Heiland; Open-Xchange versions 7.6.0 and below suffer from absolute path traversal, server-side request forgery, XXE injection, and cross site scripting vulnerabilities.; tags | advisory, vulnerability, xss, file inclusion, xxe; advisories | CVE-2014-5234, CVE-2014-5235, CVE-2014-5236, CVE-2014-5237, CVE-2014-5238; SHA-256 | a67a92350a6eb49fcfcd83bb5f4009ea48632c5c129805bdc644ed7b80ed0a6b; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 300 files
Ubuntu 65 files
LiquidWorm 25 files
Debian 18 files
indoushka 15 files
Apple 10 files
Google Security Research 7 files
Gentoo 5 files
Emiliano Febbi 3 files
Chokri Hammedi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,155)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,813)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,236)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,965)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2014-5237

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems