Vulnerabilities > CVE-2006-4491 - Directory Traversal vulnerability in Cybozu Ag

CVSS 4.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

cybozu

NVD

Published: 2006-08-31

Updated: 2008-11-11

Summary

Directory traversal vulnerability in Cybozu Collaborex, AG before 1.2(1.5), AG Pocket before 5.2(0.8), Mailwise before 3.0(0.3), and Garoon 1 before 1.5(4.1) allows remote authenticated users to read arbitrary files via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Application	Cybozu Cybozu Collaborex * Cybozu Cybozu AG 1.2\(1.4\) Cybozu Cybozu Pocket 5.2\(0.7\) Cybozu Garoon 1 1.5\(4.0\) Cybozu Mailwise 3.0\(0.2\)	5

References

http://cybozu.co.jp/products/dl/notice_060825/
http://jvn.jp/jp/JVN%2390420168/index.html
http://secunia.com/advisories/21638
http://secunia.com/advisories/21656
http://securitytracker.com/id?1016759
http://www.osvdb.org/28262