JVNVU#91417143
Multiple vulnerabilities in GigaCC OFFICE
Overview
GigaCC OFFICE provided by WAM!NET Japan K.K. contains multiple vulnerabilities.
Products Affected
- GigaCC OFFICE ver.2.3 and earlier
Description
- Mis-configuration of Apache Velocity template engine, which is used to send emails - CVE-2016-7844
  CVSS v3: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L Base Score: 5.5
  CVSS v2: AV:N/AC:M/Au:S/C:P/I:P/A:P Base Score: 6.0
- Apache Struts 1 vulnerability that allows unintended remote operations against components on server memory - CVE-2016-1181
  CVSS v3: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 8.1
  CVSS v2: AV:N/AC:M/Au:N/C:P/I:P/A:P Base Score: 6.8
- Arbitrary files may be uploaded - CVE-2016-7845
  CVSS v3: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L Base Score: 5.4
  CVSS v2: AV:N/AC:L/Au:S/C:P/I:N/A:P Base Score: 5.5
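The Velocity mis-configuration behind CVE-2016-7844 is the class of problem that Velocity's SecureUberspector exists for: with the default introspector, any object placed in a template context can be walked via `getClass()` to `java.lang.Class`, and from there to `java.lang.Runtime`. The following Java program is an added example written for this page; it is not GigaCC OFFICE code and says nothing about how that product is built. It assumes Apache Velocity 1.7 or 2.x on the classpath, and the `User` bean and the two template strings are constructed for the demonstration. It renders the same user-controlled template once with the default uberspector and once with `runtime.introspector.uberspect` set to SecureUberspector.

```java
// Added example, not code from GigaCC OFFICE or from the Velocity project.
// Assumes Apache Velocity 1.7 or 2.x on the classpath. The User bean and the
// template strings are constructed for the demonstration.
import java.io.StringWriter;
import org.apache.velocity.VelocityContext;
import org.apache.velocity.app.VelocityEngine;
import org.apache.velocity.runtime.RuntimeConstants;

public class VelocityMailTemplateDemo {

    /** Plain bean placed in the template context, as a mail sender would do. */
    public static class User {
        private final String name;
        public User(String name) { this.name = name; }
        public String getName() { return name; }
    }

    /** Renders one template string; hardened=true switches SecureUberspector on. */
    public static String render(boolean hardened, String template) {
        VelocityEngine engine = new VelocityEngine();
        if (hardened) {
            // runtime.introspector.uberspect chooses the introspector that decides
            // which methods a template may call. SecureUberspector refuses calls on
            // java.lang.Class (except getName), ClassLoader, Runtime, System,
            // Thread, ... and on the java.lang.reflect package by default.
            engine.setProperty(RuntimeConstants.UBERSPECT_CLASSNAME,
                    "org.apache.velocity.util.introspection.SecureUberspector");
        }
        engine.init();

        VelocityContext ctx = new VelocityContext();
        ctx.put("user", new User("alice"));

        StringWriter out = new StringWriter();
        engine.evaluate(ctx, out, "mail-template", template);
        return out.toString();
    }

    public static void main(String[] args) {
        // What a legitimate mail template looks like.
        String benign = "Hello $user.name, your file is ready.";
        // Probe of the reflection chain used in Velocity template injection:
        // reach java.lang.Class through any context object, then call the static
        // Class.forName. Chaining .getRuntime().exec(...) onto this is what turns
        // a mail template into OS command execution; the probe stops at forName.
        String probe = "$user.class.forName(\"java.lang.Runtime\")";

        for (boolean hardened : new boolean[] {false, true}) {
            System.out.println((hardened ? "SecureUberspector" : "default uberspector") + ":");
            System.out.println("  benign -> " + render(hardened, benign));
            System.out.println("  probe  -> " + render(hardened, probe));
        }
    }
}
```

With the default uberspector the probe resolves to the `java.lang.Runtime` Class object, which shows the chain is reachable from template text. With SecureUberspector the lookup of `forName` on a `Class` is refused: Velocity logs a warning and the probe does not resolve, while `$user.name` still renders. The same setting can be placed in `velocity.properties` as `runtime.introspector.uberspect = org.apache.velocity.util.introspection.SecureUberspector`. SecureUberspector is a hardening layer, not a sandbox; the safer design is to keep template source out of user control altogether and let users supply only values such as `$user.name`.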
Impact
- Sending emails using a specially crafted mail template may result in an arbitrary OS command executed on the server - CVE-2016-7844
- Denial of Service (DoS) condition may be caused by processing a specially crafted request - CVE-2016-1181
- An arbitrary file can be uploaded as a profile image file by a user, which may be used for unauthorized file sharing - CVE-2016-7845
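The profile-image upload described for CVE-2016-7845 turns into an arbitrary file store when the server accepts whatever bytes the client labels as an image. The Java program below is an added example written for this page, not GigaCC OFFICE code; it assumes only the JDK, and both sample inputs are constructed in-process. It accepts an upload only if the bytes actually decode as an image, caps size and dimensions, re-encodes the decoded pixels to PNG, and stores the result under a server-generated name, so the slot cannot hold a zip, an executable or an HTML file renamed to `.png`.

```java
// Added example, not code from GigaCC OFFICE. Assumes only the JDK; the two
// sample uploads in main() are constructed for the demonstration.
import java.awt.image.BufferedImage;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.UUID;
import javax.imageio.ImageIO;

public class ProfileImageUpload {

    static final int MAX_BYTES = 2 * 1024 * 1024;   // size cap checked before decoding
    static final int MAX_SIDE  = 1024;              // guards against decompression bombs

    /** Result of an accepted upload: server-chosen name and normalised PNG bytes. */
    public static final class Stored {
        public final String fileName;
        public final byte[] png;
        Stored(String fileName, byte[] png) { this.fileName = fileName; this.png = png; }
    }

    /**
     * Validates by decoding the content, not by trusting the client's file name
     * or Content-Type header. Returns null when the upload must be rejected.
     */
    public static Stored accept(byte[] upload) throws IOException {
        if (upload == null || upload.length == 0 || upload.length > MAX_BYTES) {
            return null;
        }
        // ImageIO.read returns null when no registered reader recognises the
        // bytes: archives, executables and HTML renamed to .png fail here.
        BufferedImage img = ImageIO.read(new ByteArrayInputStream(upload));
        if (img == null) {
            return null;
        }
        if (img.getWidth() > MAX_SIDE || img.getHeight() > MAX_SIDE) {
            return null;
        }
        // Re-encode the decoded pixels: metadata, trailing data and polyglot
        // payloads appended to the original container do not survive this.
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        if (!ImageIO.write(img, "png", out)) {
            return null;
        }
        // Server-generated name with a fixed extension; the client-supplied
        // name and extension are never used for the stored object.
        return new Stored(UUID.randomUUID() + ".png", out.toByteArray());
    }

    public static void main(String[] args) throws IOException {
        // Constructed inputs: a real 16x16 PNG produced in-process, and a blob
        // that starts like a ZIP archive (as a renamed .png upload would).
        ByteArrayOutputStream png = new ByteArrayOutputStream();
        ImageIO.write(new BufferedImage(16, 16, BufferedImage.TYPE_INT_RGB), "png", png);
        byte[] notAnImage = "PK\u0003\u0004 pretend-archive".getBytes("ISO-8859-1");

        Stored ok = accept(png.toByteArray());
        System.out.println("valid PNG   -> " + (ok == null ? "rejected" : "stored as " + ok.fileName));
        System.out.println("ZIP as .png -> " + (accept(notAnImage) == null ? "rejected" : "stored"));
    }
}
```

Serving the stored file with a fixed `image/png` Content-Type and `X-Content-Type-Options: nosniff` completes the picture: even if validation were bypassed, the browser would not be invited to interpret the object as anything other than an image.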
Solution
Solution for CVE-2016-7844 and CVE-2016-1181:
Update to the latest version and then apply a patch
Update to GigaCC OFFICE ver.2.3 and then apply the appropriate patch according to the information provided by the developer.
Solution for CVE-2016-7845:
Update to the latest version, apply Patch 1, and then apply an update module
Update to GigaCC OFFICE ver.2.4, apply Patch 1, and then apply the update module according to the information provided by the developer.
Vendor Status
Vendor | Link |
WAM!NET Japan K.K. | Notification of vulnerabilities in GigaCC OFFICE |
References
- The Apache Velocity Project: SecureUberspector (Apache Velocity 2.0-SNAPSHOT API)
- Japan Vulnerability Notes JVN#03188560: Apache Struts 1 vulnerability that allows unintended remote operations against components on memory
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
WAM!NET Japan K.K. and the following people reported these vulnerabilities to JPCERT/CC so that users could be notified of the solutions through JVN. JPCERT/CC and WAM!NET Japan K.K. coordinated under the Information Security Early Warning Partnership.
Dongjoo Ha and Heaeun Moon of NSHC Pre., Ltd.
Masaki Yoshikawa of Recruit Technologies Co.,Ltd.
Other Information
JPCERT Alert | |
JPCERT Reports | |
CERT Advisory | |
CPNI Advisory | |
TRnotes | |
CVE | CVE-2016-1181, CVE-2016-7844, CVE-2016-7845 |
JVN iPedia | |