Vulnerabilities > CVE-2009-4824 - Unspecified vulnerability in Kolab Groupware Server Image Upload Form

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

kolab

nessus

NVD

Published: 2010-04-27

Updated: 2010-06-05

Summary

Unspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab Server before 2.2.3 allows attackers to have an unspecified impact via vectors related to an "image upload form."

Vulnerable Configurations

Part	Description	Count
Application	Kolab Kolab Kolab Server 2.1.0 Kolab Kolab Server 2.2 Kolab Kolab Server 2.2.0 Kolab Kolab Server 2.2.1 Kolab Kolab Server *	18

Nessus

NASL family	Mandriva Local Security Checks
NASL id	MANDRIVA_MDVSA-2010-108.NASL
description	A vulnerability was discovered and fixed in kolab-horde-framework : Unspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab Server before 2.2.3 allows attackers to have an unspecified impact via vectors related to an image upload form. (CVE-2009-4824). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=4 90 This update fixes this issue.
last seen	2020-06-01
modified	2020-06-02
plugin id	46734
published	2010-05-27
reporter	This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/46734
title	Mandriva Linux Security Advisory : kolab-horde-framework (MDVSA-2010:108)

Summary

Vulnerable Configurations

Nessus

References