Test Kennung:	1.3.6.1.4.1.25623.1.0.809852
Kategorie:	Web application abuses
Titel:	Open-Xchange (OX) AppSuite XML External Entity Information Disclosure Vulnerability
Zusammenfassung:	Open-Xchange (OX) AppSuite is prone to an information disclosure vulnerability.
Beschreibung:	Summary: Open-Xchange (OX) AppSuite is prone to an information disclosure vulnerability. Vulnerability Insight: The flaw exists due to error in which references to external Open XML document type definitions (.dtd resources) can be placed within .docx and .xslx files. Those resources were requested when parsing certain parts of the generated document. Vulnerability Impact: Successful exploitation will allow attackers to gain access to sensitive information, this may lead to further attacks. Affected Software/OS: Open-Xchange (OX) AppSuite versions 7.6.2-rev0 - 7.6.2-rev13, 7.6.3-rev0 - 7.6.3-rev2, 7.8.0-rev0 - 7.8.0-rev6, 7.8.1-rev0 - 7.8.1-rev7. Solution: Upgrade to Open-Xchange (OX) AppSuite version 7.8.1-rev8, or 7.6.2-rev14, or 7.6.3-rev3, or 7.8.0-rev7 or later. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N
Querverweis:	BugTraq ID: 91355 Common Vulnerability Exposure (CVE) ID: CVE-2016-4047 Bugtraq: 20160622 Open-Xchange Security Advisory 2016-06-22 (Google Search) http://www.securityfocus.com/archive/1/538732/100/0/threaded http://www.securitytracker.com/id/1036157
Copyright	Copyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.