Cybozu Office Discloses Files to Remote Users
|
|
SecurityTracker Alert ID: 1016759
|
|
SecurityTracker URL: http://securitytracker.com/id?1016759
|
|
CVE Reference: CVE-2006-4490
, CVE-2006-4491
(Links to External Site)
|
Updated: Jun 8 2008
|
Original Entry Date: Aug 28 2006
|
Impact: Disclosure of system information, Disclosure of user information
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): 6.5 (1.2) and prior versions
|
Description: A vulnerability was reported in Cybozu Office. A remote user can view files on the target system.
No further details were provided.
JPCERT reported this vulnerability.
|
Impact: A remote user can view files on the target system.
|
Solution: The vendor has issued a fixed version (6.6 (1.3)).
The Cybozu advisory is available at:
http://cybozu.co.jp/products/dl/notice_060825/
|
Vendor URL: cybozu.co.jp/products/dl/notice_060825/ (Links to External Site)
|
Cause: Access control error
|
Underlying OS: Linux (Any), UNIX (FreeBSD), UNIX (Solaris - SunOS), Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Sun, 27 Aug 2006 23:11:11 -0400
Subject: Cybozu Office vulnerability
|
Office 6.5 (1.2) and prior versions
http://cybozu.co.jp/products/dl/notice_060825/
|
|
