296,202
Total vulnerabilities in the database
The ValidateUserLogon function in provider/libserver/ECSession.cpp in Zarafa 7.1.8, 6.20.0, and earlier, when using certain build conditions, allows remote attackers to cause a denial of service (crash) via vectors related to "a NULL pointer of the password."
| Software | From | Fixed in |
|---|---|---|
| zarafa / zarafa | 5.20 | 5.20.x |
| zarafa / zarafa | 6.01 | 6.01.x |
| zarafa / zarafa | 5.11 | 5.11.x |
| zarafa / zarafa | 5.00 | 5.00.x |
| zarafa / zarafa | 6.00 | 6.00.x |
| zarafa / zarafa | 5.10 | 5.10.x |
| zarafa / zarafa | 6.11 | 6.11.x |
| zarafa / zarafa | 6.10 | 6.10.x |
| zarafa / zarafa | 5.02 | 5.02.x |
| zarafa / zarafa | 6.02 | 6.02.x |
| zarafa / zarafa | 5.22 | 5.22.x |
| zarafa / zarafa | 6.03 | 6.03.x |
| zarafa / zarafa | - | 6.20.x |
| zarafa / zarafa | 5.01 | 5.01.x |
| zarafa / zarafa | 7.1.8 | 7.1.8.x |