CVE-2014-5447 (retired)

Priority
Description
Zarafa WebAccess 7.1.10 and WebApp 1.6 beta uses weak permissions (644) for
config.php, which allows local users to obtain sensitive information by
reading the PHP session files. NOTE: this vulnerability exists because of
an incomplete fix for CVE-2014-0103.
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
More Information

Updated: 2019-03-26 12:13:25 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)