CVE-2006-4491
Summary
| CVE | CVE-2006-4491 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-08-31 22:04:00 UTC |
| Updated | 2008-11-11 06:28:00 UTC |
| Description | Directory traversal vulnerability in Cybozu Collaborex, AG before 1.2(1.5), AG Pocket before 5.2(0.8), Mailwise before 3.0(0.3), and Garoon 1 before 1.5(4.1) allows remote authenticated users to read arbitrary files via unspecified vectors. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Cybozu | Collaborex | All | All | All | All |
| Application | Cybozu | Collaborex | All | All | All | All |
| Application | Cybozu | Cybozu Ag | 1.2(1.4) | All | All | All |
| Application | Cybozu | Cybozu Ag | 1.2\(1.4\) | All | All | All |
| Application | Cybozu | Cybozu Ag | 1.2\(1.4\) | All | All | All |
| Application | Cybozu | Cybozu Pocket | 5.2(0.7) | All | All | All |
| Application | Cybozu | Cybozu Pocket | 5.2\(0.7\) | All | All | All |
| Application | Cybozu | Cybozu Pocket | 5.2\(0.7\) | All | All | All |
| Application | Cybozu | Garoon 1 | 1.5(4.0) | All | All | All |
| Application | Cybozu | Garoon 1 | 1.5\(4.0\) | All | All | All |
| Application | Cybozu | Garoon 1 | 1.5\(4.0\) | All | All | All |
| Application | Cybozu | Mailwise | 3.0(0.2) | All | All | All |
| Application | Cybozu | Mailwise | 3.0\(0.2\) | All | All | All |
| Application | Cybozu | Mailwise | 3.0\(0.2\) | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| お探しのページが見つかりませんでした。 | サイボウズ株式会社 | CONFIRM | cybozu.co.jp | Patch |
| SecurityTracker.com Archives - Cybozu Office Discloses Files to Remote Users | SECTRACK | securitytracker.com | Patch |
| 28262 | OSVDB | www.osvdb.org | |
| Cybozu Collaborex Arbitrary File Download Vulnerability - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| JVN#90420168: 複数のサイボウズ製品におけるディレクトリトラバーサルの脆弱性 | JVN | jvn.jp | Patch |
| Cybozu Products Arbitrary File Download Vulnerability - Advisories - Secunia | SECUNIA | secunia.com | Patch, Vendor Advisory |
| JVN:JVN#90420168 | MITRE | jvn.jp | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.