Описание
Zarafa WebAccess 4.1 and WebApp uses world-readable permissions for the files in their tmp directory, which allows local users to obtain sensitive information by reading temporary session data.
Zarafa WebAccess 4.1 and WebApp uses world-readable permissions for the files in their tmp directory, which allows local users to obtain sensitive information by reading temporary session data.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-5449
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95453
- http://advisories.mageia.org/MGASA-2014-0380.html
- http://seclists.org/oss-sec/2014/q3/444
- http://seclists.org/oss-sec/2014/q3/445
- http://www.mandriva.com/security/advisories?name=MDVSA-2014:182
- http://www.securityfocus.com/bid/69369
Связанные уязвимости
Zarafa WebAccess 4.1 and WebApp uses world-readable permissions for the files in their tmp directory, which allows local users to obtain sensitive information by reading temporary session data.
Zarafa WebAccess 4.1 and WebApp uses world-readable permissions for the files in their tmp directory, which allows local users to obtain sensitive information by reading temporary session data.
Zarafa WebAccess 4.1 and WebApp uses world-readable permissions for th ...