The ValidateUserLogon function in provider/libserver/ECSession.cpp in Zarafa 7.1.8, 6.20.0, and previous versions, when using certain build conditions, allows remote malicious users to cause a denial of service (crash) via vectors related to "a NULL pointer of the password."
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
zarafa zarafa 6.03 |
||
zarafa zarafa 6.11 |
||
zarafa zarafa 5.10 |
||
zarafa zarafa 5.02 |
||
zarafa zarafa 5.11 |
||
zarafa zarafa 5.20 |
||
zarafa zarafa 5.22 |
||
zarafa zarafa 6.00 |
||
zarafa zarafa 6.02 |
||
zarafa zarafa 5.00 |
||
zarafa zarafa 7.1.8 |
||
zarafa zarafa 6.01 |
||
zarafa zarafa 6.10 |
||
zarafa zarafa 5.01 |
||
zarafa zarafa |
Vulmon