Open-Xchange Security Advisory 2014-02-10 Feb 10 2014 10:11AM
Martin Braun (martin braun open-xchange com)
Product: Open-Xchange AppSuite
Vendor: Open-Xchange GmbH

Internal reference: 30820 (Bug ID)
Vulnerability type: CWE-80 (Improper Neutralization of Script-Related HTML Tags in a Web Page)
Vulnerable version: 7.4.1 and earlier
Vulnerable component: backend
Fixed version: 7.2.2-rev31, 7.4.0-rev27, 7.4.1-rev17
Report confidence: Confirmed
Solution status: Fixed by Vendor
Vendor notification: 2014-01-25
Solution date: 2014-01-29
Public disclosure: 2014-02-10
Researcher credits: joernchen of Phenoelit
CVE reference: CVE-2014-1679

Vulnerability Details:
Embedding JavaScript code at the header of a SVG image file is executed within the context of OX AppSuite when opening the image as file attachment e.g. to a Mail message.

Malicious script code can be executed within a users context. This can lead to session hijacking or triggering unwanted actions via the web interface (sending mail, deleting data etc.).

Users should update to the latest available patch releases. Users should avoid opening E-Mail attachments or files from untrusted sources.

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus