Vulnerability Description
GigaCC OFFICE ver.2.3 and earlier allows remote attackers to execute arbitrary OS commands via specially crafted mail template.
CVSS Score
5.5
MEDIUM
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gigaccsecure | Gigacc Office | <= 2.3 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/95680
- https://asp.gigacc.com/user/publicurl/view.do%3Bjsessionid=28438FE401A764B7CEDB3
- https://jvn.jp/en/vu/JVNVU91417143/index.htmlThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/95680
- https://asp.gigacc.com/user/publicurl/view.do%3Bjsessionid=28438FE401A764B7CEDB3
- https://jvn.jp/en/vu/JVNVU91417143/index.htmlThird Party AdvisoryVDB Entry
FAQ
What is CVE-2016-7844?
CVE-2016-7844 is a vulnerability with a CVSS score of 5.5 (MEDIUM). GigaCC OFFICE ver.2.3 and earlier allows remote attackers to execute arbitrary OS commands via specially crafted mail template.
How severe is CVE-2016-7844?
CVE-2016-7844 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-7844?
Check the references section above for vendor advisories and patch information. Affected products include: Gigaccsecure Gigacc Office.