KLA10185 Multiple vulnerabilities in Groove

Multiple serious vulnerabilities have been found in Groove products. Malicious users can exploit these vulnerabilities to obtain sensitive information, inject web scripts, bypass security restrictions and spoof filenames. Below is a complete list of vulnerabilities

1. Improper file extension display can be exploited remotely via a specially designed filename;
2. Vectors related to COM objects can be exploited remotely;
3. XSS vulnerabilities in can be exploited remotely;
4. Insecure permissions can be exploited locally.

Original advisories

Related products

Groove-Virtual-Office

CVE list

CVE-2005-1678 warning

CVE-2005-1677 critical

CVE-2005-1676 high

CVE-2005-1675 warning

Solution

Update to latest version

Impacts

• OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

• CI

Code injection. Exploitation of vulnerabilities with this impact can lead to changes in target code.

• SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

• SUI

Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.

Affected Products

• Groove Virtual Office versions 3.1 build 2337 and earlierGroove Virtual Office version 3.1a builds 2363 and earlierGroove Workspace versions 2.5n build 1870 and earlier