Vulnerabilities > CVE-2006-4490 - Directory Traversal vulnerability in Cybozu Office
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Multiple directory traversal vulnerabilities in Cybozu Office before 6.6 Build 1.3 and Share 360 before 2.5 Build 0.3 allow remote authenticated users to read arbitrary files via a .. (dot dot) sequence via the id parameter in (1) scripts/cbag/ag.exe or (2) scripts/s360v2/s360.exe.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | Cybozu Products (id) Arbitrary File Retrieval Vulnerability. CVE-2006-4490. Webapps exploit for cgi platform |
| id | EDB-ID:2266 |
| last seen | 2016-01-31 |
| modified | 2006-08-28 |
| published | 2006-08-28 |
| reporter | Tan Chew Keong |
| source | https://www.exploit-db.com/download/2266/ |
| title | Cybozu Products id Arbitrary File Retrieval Vulnerability |
References
- http://cybozu.co.jp/products/dl/notice_060825/
- http://jvn.jp/jp/JVN%2390420168/index.html
- http://secunia.com/advisories/21618
- http://secunia.com/advisories/21623
- http://securitytracker.com/id?1016759
- http://vuln.sg/cybozu-en.html
- http://www.osvdb.org/28261
- http://www.osvdb.org/28262
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28591