NVD

Id
40502  
Name
CVE-2013-5035  
Description
Multiple race conditions in HtmlCleaner before 2.6, as used in Open-Xchange AppSuite 7.2.2 before rev13 and other products, allow remote authenticated users to read the private e-mail of other persons in opportunistic circumstances by leveraging lack of thread safety and performing a rapid series of (1) mail-sending or (2) draft-saving operations.  
Reject
 
CVSS Version
2  
CVSS Score
4.9  
Severity
Medium  
CVSS Base Score
4.9  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
6.8  
CVSS Vector
(AV:N/AC:M/Au:S/C:P/I:P/A:N)  
Pub Date
2017-01-18  
Published
2013-09-05  
Modified Date
2013-10-08  
Seq
2013-5035  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
205472 40502 CVE-2013-5035 20130816 Open-Xchange Security Advisory 2013-08-16  View
205473 40502 CVE-2013-5035 http://sourceforge.net/p/htmlcleaner/bugs/86/  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
22390 JVNDB-2013-003965 Open-Xchange App Suite などの製品で使用される HtmlCleaner における他人の個人的な電子メールを読まれる脆弱性 Open-Xchange App Suite およびその他の製品で使用される HtmlCleaner には、競合状態により、他人の個人的な電子メールを読まれる脆弱性が存在します。 CVE-2013-5035 64977 CVE-2013-5035 40502 4.9 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-003965.html 2013-08-02 2013-10-24 View