CVE-2014-5449 in Zarafa WebAccess
Summary
Zarafa WebAccess 4.1 and WebApp uses world-readable permissions for the files in their tmp directory, which allows local users to obtain sensitive information by reading temporary session data.
Reservation
08/25/2014
Disclosure
10/20/2014
Entries
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerability | CWE | Exp | Cou | CVE |
|---|---|---|---|---|---|
| 72482 | Zarafa WebAccess information disclosure | 200 | Not defined | Not defined | CVE-2014-5449 |