VULHUB ™

Multiple remote directory traversal vulnerabilities affect Ventia DeskNow Mail And Collaboration Server. These issues are due to a failure of the application to sanitize user-supplied input prior to using it to write and erase files. The first issue affects the email attachment file upload functionality. The second issue surrounds the file delete functionality of the document repository feature. An attacker may leverage this issue to delete and create arbitrary files on an affected computer. This may lead to code execution with the privileges of the affected server process as well as system wide denial of service attacks.

Multiple remote directory traversal vulnerabilities affect Ventia DeskNow Mail And Collaboration Server. These issues are due to a failure of the application to sanitize user-supplied input prior to using it to write and erase files. The first issue affects the email attachment file upload functionality. The second issue surrounds the file delete functionality of the document repository feature. An attacker may leverage this issue to delete and create arbitrary files on an affected computer. This may lead to code execution with the privileges of the affected server process as well as system wide denial of service attacks.