Executive Summary

Informations
Name CVE-2015-3436 First vendor Publication 2015-06-09
Vendor Cve Last vendor Modification 2016-12-06

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:N/I:C/A:C)
Cvss Base Score 6.6 Attack Range Local
Cvss Impact Score 9.2 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

provider/server/ECServer.cpp in Zarafa Collaboration Platform (ZCP) before 7.1.13 and 7.2.x before 7.2.1 allows local users to write to arbitrary files via a symlink attack on /tmp/zarafa-upgrade-lock.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3436

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-59 Improper Link Resolution Before File Access ('Link Following')

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 29

Nessus® Vulnerability Scanner

Date Description
2015-06-09 Name : The remote Fedora host is missing a security update.
File : fedora_2015-8479.nasl - Type : ACT_GATHER_INFO
2015-06-09 Name : The remote Fedora host is missing a security update.
File : fedora_2015-8487.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/75104
CONFIRM https://jira.zarafa.com/browse/ZCP-13282
FEDORA http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159455.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159497.html

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
Date Informations
2020-05-23 01:55:40
  • Multiple Updates
2020-05-23 00:45:14
  • Multiple Updates
2018-04-21 12:02:49
  • Multiple Updates
2016-12-06 09:24:06
  • Multiple Updates
2016-04-27 02:23:10
  • Multiple Updates
2015-06-11 00:26:11
  • Multiple Updates
2015-06-10 13:27:49
  • Multiple Updates
2015-06-09 21:27:38
  • First insertion