Lucene search
K

105 matches found

NVD
NVD
added 2017/04/20 6:59 p.m.22 views

CVE-2016-4842

Cybozu Mailwise before 5.4.0 allows remote attackers to obtain information on when an email is read...

4.3CVSS4.6AI score0.01586EPSS
Exploits0References4
OSV
OSV
added 2017/04/20 6:59 p.m.2 views

CVE-2016-4844

Cybozu Mailwise before 5.4.0 allows remote attackers to conduct clickjacking attacks...

4.3CVSS5.8AI score0.01481EPSS
Exploits0References4
Cvelist
Cvelist
added 2017/04/20 6:0 p.m.26 views

CVE-2016-4842

Cybozu Mailwise before 5.4.0 allows remote attackers to obtain information on when an email is read...

4.8AI score0.01586EPSS
Exploits0References4
Cvelist
Cvelist
added 2017/04/20 6:0 p.m.31 views

CVE-2016-4843

Cybozu Mailwise before 5.4.0 allows remote attackers to obtain sensitive cookie information...

6.4AI score0.01892EPSS
Exploits0References4
CVE
CVE
added 2017/04/20 6:0 p.m.46 views

CVE-2016-4843

CVE-2016-4843 affects Cybozu Mailwise prior to 5.4.0. The issue is an information-disclosure vulnerability: an unauthenticated remote attacker could obtain sensitive cookie/session information due to exposure on the CGI environment variables display page. Impact is partial confidentiality loss of...

6.5CVSS6.4AI score0.01892EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2017/04/20 6:0 p.m.22 views

CVE-2016-4844

Cybozu Mailwise before 5.4.0 allows remote attackers to conduct clickjacking attacks...

4.9AI score0.01481EPSS
Exploits0References4
CVE
CVE
added 2017/04/20 6:0 p.m.56 views

CVE-2016-4844

CVE-2016-4844 : Cybozu Mailwise is vulnerable to clickjacking in versions before 5.4.0. Several sources (NVD entry for CVE-2016-4844 and OpenVAS/JS references) specify vulnerable ranges such as 5.0.0–5.3.2 and indicate that an attacker could trick authenticated users into unintended actions by lo...

4.3CVSS4.9AI score0.01481EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2017/04/20 6:0 p.m.59 views

CVE-2016-4842

CVE-2016-4842 affects Cybozu Mailwise prior to 5.4.0. A vulnerability in the mail view page can disclose that a user read a specific email when a specially crafted message is opened, enabling information disclosure from remote attackers. Affected versions are 5.0.0 through 5.3.2. The root cause r...

4.3CVSS4.7AI score0.01586EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2016/08/17 12:0 a.m.2 views

Cybozu Mailwise Information Disclosure Vulnerability (CNVD-2016-06399)

Cybozu Mailwise is a Web-based e-mail system from Cybozu. An information disclosure vulnerability exists in Cybozu Mailwise versions 5.0.0 through 5.3.2. A remote attacker can exploit this vulnerability to obtain sensitive information...

4.3CVSS6.3AI score0.01586EPSS
Exploits0References1
CNVD
CNVD
added 2016/08/17 12:0 a.m.3 views

Cybozu Mailwise Information Disclosure Vulnerability (CNVD-2016-06382)

Cybozu Mailwise is a web-based e-mail system. An information disclosure vulnerability exists in Cybozu Mailwise 5.0.0 through 5.3.2, which can be exploited by remote attackers to obtain sensitive information...

6.5CVSS6.3AI score0.01892EPSS
Exploits0References1
CNVD
CNVD
added 2016/08/17 12:0 a.m.2 views

Cybozu Mailwise Clickjacking Vulnerability

Cybozu Mailwise is a Web-based e-mail system from Cybozu. A clickjacking vulnerability exists in Cybozu Mailwise versions 5.0.0 through 5.3.2. An attacker could exploit this vulnerability to compromise an affected application and obtain sensitive information...

4.3CVSS6.7AI score0.01481EPSS
Exploits0References1
CNVD
CNVD
added 2016/08/17 12:0 a.m.6 views

Cybozu Mailwise Email Header Injection Vulnerability

Cybozu Mailwise is a Web-based e-mail system from Cybozu. An email header injection vulnerability exists in Cybozu Mailwise versions 5.0.0 through 5.3.2. An attacker can exploit this vulnerability to modify the content and perform unauthorized operations...

4.3CVSS7.3AI score0.01481EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/08/16 5:14 a.m.2 views

Cybozu Mailwise contains issue in preventing clickjacking attacks

Overview Cybozu Mailwise contains multiple pages for editing/sending bulk emails. Some of these pages fail to protect against clickjacking attacks. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the...

4.3CVSS6.6AI score0.01481EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/08/16 5:14 a.m.3 views

Cybozu Mailwise vulnerable to information disclosure

Overview Cybozu Mailwise contains an information disclosure vulnerability in the mail view page. Masato Kinugawa reported this vulnerability to Cybozu, Inc., and Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinat...

4.7CVSS6.1AI score0.01586EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/08/16 5:10 a.m.5 views

Cybozu Mailwise vulnerable to mail header injection

Overview Cybozu Mailwise contains a mail header injection vulnerability in the process of sending emails. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the Information Security Early Warning...

4.3CVSS6.9AI score0.01481EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/08/16 12:0 a.m.42 views

JVN#04125292: Cybozu Mailwise contains issue in preventing clickjacking attacks

Cybozu Mailwise contains multiple pages for editing/sending bulk emails. Some of these pages fail to protect against clickjacking attacks. Impact If a user views a malicious page while logged in, the user may be tricked into conducting unintended operations. Solution Update the Software Update to...

4.3CVSS4.8AI score0.01481EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/08/16 12:0 a.m.36 views

JVN#03052683: Cybozu Mailwise vulnerable to information disclosure

Cybozu Mailwise contains an information disclosure vulnerability in the page where CGI environment variables are displayed. Cookie that contains session information has httponly attribute, and the Cookie value cannot be obtained by JavaScript code. However, Cookie values can be obtained in the pa...

6.5CVSS6.3AI score0.01892EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/08/16 12:0 a.m.30 views

JVN#02576342: Cybozu Mailwise vulnerable to information disclosure

Cybozu Mailwise contains an information disclosure vulnerability in the mail view page. Impact When a user opens a specially crafted email, an attacker can notice that the user read the email. Solution Update the Software Update to the latest version according to the information provided by the...

4.3CVSS4.5AI score0.01586EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/08/16 12:0 a.m.39 views

JVN#01353821: Cybozu Mailwise vulnerable to mail header injection

Cybozu Mailwise contains a mail header injection vulnerability in the process of sending emails. Impact If a user is tricked into sending a specially crafted request, the header of the email to be sent may be altered. Solution Update the Software Update to the latest version according to the...

4.3CVSS4.8AI score0.01481EPSS
Exploits0
hackapp
hackapp
added 2016/04/20 1:23 p.m.75 views

Email Exchange + by Mailwise - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application Email Exchange + by Mailwise published at the 'play' market has multiple vulnerabilities...

0.1AI score
Exploits0References1Affected Software1
Rows per page
Query Builder