CVE-2018-15668 - OpenCVE

Vendors	Products
Bloop	Airmail 3

Link	Resource
https://versprite.com/advisories/airmail-3-for-mac-2/	Third Party Advisory

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-08-21T00:00:00", "descriptions": [{"lang": "en", "value": "An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. The \"send\" command in the airmail:// URL scheme allows an external application to send arbitrary emails from an active account. URL parameters for the \"send\" command with the \"attachment_\" prefix designate attachment parameters. If the value of an attachment parameter corresponds to an accessible file path, the file is attached to the outbound message. In addition, relative file paths are acceptable attachment parameter values. The handler can be invoked using any method that invokes the URL handler such as a hyperlink in an email. The user is not prompted when the handler processes the \"send\" command, thus leading to automatic transmission of an email with designated attachments from the target account to a target address."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-08-21T23:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://versprite.com/advisories/airmail-3-for-mac-2/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-15668", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. The \"send\" command in the airmail:// URL scheme allows an external application to send arbitrary emails from an active account. URL parameters for the \"send\" command with the \"attachment_\" prefix designate attachment parameters. If the value of an attachment parameter corresponds to an accessible file path, the file is attached to the outbound message. In addition, relative file paths are acceptable attachment parameter values. The handler can be invoked using any method that invokes the URL handler such as a hyperlink in an email. The user is not prompted when the handler processes the \"send\" command, thus leading to automatic transmission of an email with designated attachments from the target account to a target address."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://versprite.com/advisories/airmail-3-for-mac-2/", "refsource": "MISC", "url": "https://versprite.com/advisories/airmail-3-for-mac-2/"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-15668", "datePublished": "2018-08-21T23:00:00", "dateReserved": "2018-08-21T00:00:00", "dateUpdated": "2018-08-21T23:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:bloop:airmail_3:3.5.9:*:*:*:*:macos:*:*", "matchCriteriaId": "877A6161-2DB1-4EDE-A2C3-922354E2FC4D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. The \"send\" command in the airmail:// URL scheme allows an external application to send arbitrary emails from an active account. URL parameters for the \"send\" command with the \"attachment_\" prefix designate attachment parameters. If the value of an attachment parameter corresponds to an accessible file path, the file is attached to the outbound message. In addition, relative file paths are acceptable attachment parameter values. The handler can be invoked using any method that invokes the URL handler such as a hyperlink in an email. The user is not prompted when the handler processes the \"send\" command, thus leading to automatic transmission of an email with designated attachments from the target account to a target address."}, {"lang": "es", "value": "Se ha descubierto un error en la versi\u00f3n 3.3.5.9 de Bloop Airmail para macOS. El comando \"send\" en el esquema URL airmail:// permite que una aplicaci\u00f3n externa env\u00ede correos arbitrarios desde una cuenta activa. Los par\u00e1metros URL para el comando \"send\" con el prefijo \"attachment_\" designan los par\u00e1metros adjuntos. Si el valor de un par\u00e1metro adjunto corresponde con una ruta de archivo accesible, el archivo se adjunta al mensaje saliente. Adem\u00e1s, las rutas de archivos relativas son valores de los par\u00e1metros adjuntos aceptables. El manipulador se puede invocar usando cualquier m\u00e9todo que invoque el manipulador URL como un hiperv\u00ednculo en un correo. No se le pide ninguna confirmaci\u00f3n al usuario cuando el manipulador procesa el comando \"send\", conduciendo al env\u00edo autom\u00e1tico de un correo con adjuntos designados desde la cuenta objetivo a una direcci\u00f3n objetivo."}], "id": "CVE-2018-15668", "lastModified": "2020-05-11T17:00:41.497", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-08-21T23:29:00.363", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://versprite.com/advisories/airmail-3-for-mac-2/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

JSON object

JSON object

JSON object