CVE-2013-5035

Name of the Vulnerable Software and Affected Versions HtmlCleaner versions prior to 2.6 Open-Xchange AppSuite version 7.2.2 before rev13

Description The issue is related to multiple race conditions that can be exploited by remote authenticated users. This can happen in opportunistic circumstances by leveraging the lack of thread safety. The exploitation can occur through a rapid series of operations, such as mail-sending or draft-saving. This allows attackers to read the private e-mail of other persons.

Recommendations For HtmlCleaner versions prior to 2.6, update to version 2.6 or later to resolve the issue. For Open-Xchange AppSuite version 7.2.2 before rev13, apply rev13 or later to fix the problem.