CVE-2016-1142

Published Jan 16, 2016

Last updated 6 years ago

Overview

Description: Seeds acmailer before 3.8.21 and 3.9.x before 3.9.15 Beta allows remote authenticated users to execute arbitrary OS commands via unspecified vectors.
Source: vultures@jpcert.or.jp
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 3.0

Type: Primary
Base score: 9.1
Impact score: 6
Exploitability score: 2.3
Vector string: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 9
Impact score: 10
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-78

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "986C71EB-BD43-40E6-93F3-976C8DEADF37",
            "versionEndExcluding": "3.8.21",
            "versionStartIncluding": "3.8.0"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.0:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE7CC02E-0112-4B80-AEBF-13D13B135921"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.1:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B2F6EDE-7FBD-4A02-A43A-036D0D4EBE65"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.2:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90A6E799-326A-4710-A84D-FF68DFADE0B5"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.3:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DD8FADE1-B210-44AB-88A3-88F6426B1B66"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.4:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB8809F1-BBB1-478F-ABE7-86FD4ABD6E54"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.5:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74E77742-0557-4237-B209-0B5734B1847A"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.6:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB478F72-3CB2-4312-ADA1-73A52498E867"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.7:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F99AAE6C-AA0B-4E18-9E81-E9C6DB825418"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.8:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D451434D-CA40-45D5-87BE-BB452C50AD73"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.9:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D556988-7FE0-4B88-9745-B15F157CCC45"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.10:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5346C1C-8D1A-41CE-B569-9E65BCDD17F5"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.11:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2AB4678D-E82B-4FCC-A6DD-6D7770B5D403"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.12:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F6115BA-4844-4B31-BCDD-7BF2E2A19A7F"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4BA8467-5DEE-4A80-8515-9907EAD5F226"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Configurations

References