Fonality Affected

Notified: July 15, 2009 Updated: January 11, 2013

Statement Date: April 30, 2010

Status

Affected

Vendor Statement

You can download any of the 2.8 version and then do a code update from the GUI. This will get you the latest code. The insecure RSS code was removed in the newer version.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://fonality.com/trixbox/downloads

SugarCRM Affected

Updated: January 11, 2013

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

http://www.security-assessment.com/files/advisories/2008-04-29_SugarCRM_local_file_disclosure.pdf

trixbox Affected

Notified: July 15, 2009 Updated: January 11, 2013

Statement Date: April 30, 2010

Status

Affected

Vendor Statement

You can download any of the 2.8 version and then do a code update from the GUI. This will get you the latest code. The insecure RSS code was removed in the newer version.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://sourceforge.net/projects/asteriskathome/files/trixbox%20CE/