Search a vulnerability

All the vulnerabilites related to Cybozu, Inc. - Cybozu Collaborex

jvndb-2011-000046

Vulnerability from jvndb

Published

2011-06-24 19:21

Modified

2011-06-24 19:21

Severity

() - -

Summary

Multiple Cybozu products vulnerable to cross-site scripting

Details

Multiple products provided by Cybozu, Inc. contain a cross-site scripting vulnerability. Multiple groupware provided by Cybozu, Inc. contain a cross-site scripting vulnerability due to an issue when downloading graphic files from the mail system. Sen UENO of Tricorder Co. Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

References

Type	URL
JVN	https://jvn.jp/en/jp/JVN54074460
CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1334
NVD	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1334
Cross-site Scripting(CWE-79)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor	Product
Cybozu, Inc.	Cybozu Collaborex
Cybozu, Inc.	Cybozu Dezie
Cybozu, Inc.	Cybozu Garoon
Cybozu, Inc.	Cybozu Mailwise
Cybozu, Inc.	Cybozu Office

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000046.html",
  "dc:date": "2011-06-24T19:21+09:00",
  "dcterms:issued": "2011-06-24T19:21+09:00",
  "dcterms:modified": "2011-06-24T19:21+09:00",
  "description": "Multiple products provided by Cybozu, Inc. contain a cross-site scripting vulnerability.\r\n\r\nMultiple groupware provided by Cybozu, Inc. contain a cross-site scripting vulnerability due to an issue when downloading graphic files from the mail system.\r\n\r\nSen UENO of Tricorder Co. Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000046.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:cybozu:collaborex",
      "@product": "Cybozu Collaborex",
      "@vendor": "Cybozu, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:cybozu:dezie",
      "@product": "Cybozu Dezie",
      "@vendor": "Cybozu, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:cybozu:garoon",
      "@product": "Cybozu Garoon",
      "@vendor": "Cybozu, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:cybozu:mailwise",
      "@product": "Cybozu Mailwise",
      "@vendor": "Cybozu, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:cybozu:office",
      "@product": "Cybozu Office",
      "@vendor": "Cybozu, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "4.3",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2011-000046",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN54074460",
      "@id": "JVN#54074460",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1334",
      "@id": "CVE-2011-1334",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1334",
      "@id": "CVE-2011-1334",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-79",
      "@title": "Cross-site Scripting(CWE-79)"
    }
  ],
  "title": "Multiple Cybozu products vulnerable to cross-site scripting"
}

jvndb-2006-000651