CVE-2025-59031 in Open-Xchange OX Dovecot Proinformation

Résumé (Anglaise)

Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can use specially crafted OOXML documents to cause unintended files on the system to be indexed and subsequently ending up in FTS indexes. Do not use the provided script, instead, use something else like FTS tika. No publicly available exploits are known.

Réserver

08/09/2025

Divulgation

27/03/2026

Entrées

VulDB provides additional information and datapoints for this CVE:

ID	Vulnérabilité	CWE	Exp	Con	CVE
353849	Open-Xchange OX Dovecot Pro OOXML divulgation d'information	200	Non défini	Non défini	CVE-2025-59031

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

◂ PrécédentAperçuSuivant ▸

Interested in the pricing of exploits?

See the underground prices here!