Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 does not properly display file extensions on attached or embedded files in a compound document, which may allow remote attackers to trick users into executing malicious code.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Groove_workspace | Groove | * | 2.5n_build_1871 (including) |
Virtual_office | Groove | * | 3.1_build_2338 (including) |
Virtual_office | Groove | * | 3.1a_build_2364 (including) |