Lucene search

[email protected]CVE-2015-7776

HistoryJun 19, 2016 - 8:59 p.m.

CVE-2015-7776

2016-06-1920:59:01

CWE-200

[email protected]

web.nvd.nist.gov

cybozu garoon

cve-2015-7776

security vulnerability

img elements

remote attack

html email

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

4.5 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.8%

JSON

Cybozu Garoon 3.x and 4.x before 4.2.0 does not properly restrict loading of IMG elements, which makes it easier for remote attackers to track users via a crafted HTML e-mail message, a different vulnerability than CVE-2016-1196.

Affected configurations

NVD

Node

cybozugaroonMatch3.0.0

cybozugaroonMatch3.0.1

cybozugaroonMatch3.0.2

cybozugaroonMatch3.0.3

cybozugaroonMatch3.1.0

cybozugaroonMatch3.1.1

cybozugaroonMatch3.1.2

cybozugaroonMatch3.1.3

cybozugaroonMatch3.5.0

cybozugaroonMatch3.5.1

cybozugaroonMatch3.5.2

cybozugaroonMatch3.5.3

cybozugaroonMatch3.5.4

cybozugaroonMatch3.5.5

cybozugaroonMatch3.7.0

cybozugaroonMatch3.7.1

cybozugaroonMatch3.7.2

cybozugaroonMatch3.7.3

cybozugaroonMatch3.7.4

cybozugaroonMatch3.7.5

cybozugaroonMatch4.0.0

cybozugaroonMatch4.0.1

cybozugaroonMatch4.0.2

cybozugaroonMatch4.0.3

CPENameOperatorVersion
cybozu:garooncybozu garooneq3.0.0
cybozu:garooncybozu garooneq3.0.1
cybozu:garooncybozu garooneq3.0.2
cybozu:garooncybozu garooneq3.0.3
cybozu:garooncybozu garooneq3.1.0
cybozu:garooncybozu garooneq3.1.1
cybozu:garooncybozu garooneq3.1.2
cybozu:garooncybozu garooneq3.1.3
cybozu:garooncybozu garooneq3.5.0
cybozu:garooncybozu garooneq3.5.1

CPE	Name	Operator	Version
cybozu:garoon	cybozu garoon	eq	3.0.0
cybozu:garoon	cybozu garoon	eq	3.0.1
cybozu:garoon	cybozu garoon	eq	3.0.2
cybozu:garoon	cybozu garoon	eq	3.0.3
cybozu:garoon	cybozu garoon	eq	3.1.0
cybozu:garoon	cybozu garoon	eq	3.1.1
cybozu:garoon	cybozu garoon	eq	3.1.2
cybozu:garoon	cybozu garoon	eq	3.1.3
cybozu:garoon	cybozu garoon	eq	3.5.0
cybozu:garoon	cybozu garoon	eq	3.5.1

Rows per page:

1-10 of 241

References

jvn.jp/en/jp/JVN53542912/index.html

jvndb.jvn.jp/jvndb/JVNDB-2016-000085

support.cybozu.com/ja-jp/article/8757

support.cybozu.com/ja-jp/article/8897

support.cybozu.com/ja-jp/article/8951

support.cybozu.com/ja-jp/article/8982

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

4.5 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.8%

JSON

Related for CVE-2015-7776

prion2 nvd2 cvelist2 cve1 jvn2 openvas2