CVE-2015-0910

Published Apr 24, 2015

Last updated 3 months ago

CVSS info 4.3

Overview

Description: Cross-site scripting (XSS) vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to inject arbitrary web script or HTML via a crafted filename.
Source: vultures@jpcert.or.jp
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98F0DED8-0655-45A2-88F6-A8674698FA07"
          },
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE43C2C9-A576-469C-9CE6-1DFED80C4FD3"
          },
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9A8D24F-2C2B-4B3A-A5B6-688B533DA63C"
          },
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2FA36C32-F71A-49CF-B847-08B36A673151"
          },
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "043BA0EE-3221-40D0-B550-1C5EEF48411A"
          },
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B92BDA13-7FC7-4E98-93F7-F9BF71189056"
          },
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D518B16A-DF7B-4D57-972A-2AFA5592A53F"
          },
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12DB908B-5953-499C-AF72-C3A3678D534A"
          },
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D6AF884-6EC4-4E13-BBFA-C39583EC6E07"
          },
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5981120B-B35E-4267-A335-A07FB490ED8B"
          },
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "335EB0FD-F305-48A5-856C-6E31AF4C3176"
          },
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "437CB136-9016-486F-9A6C-1EBE36282FC8"
          },
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74386143-3136-479C-BEAC-21AF91FD54E8"
          },
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0012F5DB-DBEC-4FE5-9DE7-BF797E25380E"
          },
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "272690F5-21E5-43EF-BE04-1584C714B576"
          },
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28321C0A-A76B-4BCC-AA48-0CD8CDFD7A77"
          },
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41322543-2438-48EB-BBC5-1FBC81DEC033"
          },
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B119E334-08B9-4B9D-A6C1-CBDF48B16164"
          },
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CA7636D-4554-48BA-94D1-9F64A9A779F9"
          },
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4917CAA-1C0B-4226-9663-8F23B026218B"
          },
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28C7DF8F-ECAA-49F5-AD56-9615AA560C3A"
          },
          {
            "criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C138F9A0-8827-4E60-8156-74472539C453"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References