Vulnerability CVE-2006-4491

Vulnerability CVE-2006-4491

Published: 2006-08-31 Modified: 2012-02-12

Description:

Directory traversal vulnerability in Cybozu Collaborex, AG before 1.2(1.5), AG Pocket before 5.2(0.8), Mailwise before 3.0(0.3), and Garoon 1 before 1.5(4.1) allows remote authenticated users to read arbitrary files via unspecified vectors.

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:N/A:N)

CVSS Base Score	Impact Subscore	Exploitability Subscore
4/10	2.9/10	8/10

Exploit range	Attack complexity	Authentication
Remote	Low	Single time
Confidentiality impact	Integrity impact	Availability impact
Partial	None	None

Affected software
Cybozu -> Collaborex
Cybozu -> Cybozu ag
Cybozu -> Cybozu pocket
Cybozu -> Garoon 1
Cybozu -> Mailwise

References:

http://securitytracker.com/id?1016759

http://secunia.com/advisories/21656

http://jvn.jp/jp/JVN%2390420168/index.html

http://cybozu.co.jp/products/dl/notice_060825/

http://secunia.com/advisories/21638

http://www.osvdb.org/28262

Copyright 2024, cxsecurity.com