Vulnerabilities > Cybozu
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-09-14 | CVE-2012-4013 | Information Exposure vulnerability in Cybozu Kunai Browser FOR Remote Service The WebView class in the Cybozu KUNAI Browser for Remote Service application beta for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL. | 4.3 |
2012-09-08 | CVE-2012-4012 | Information Exposure vulnerability in Cybozu Kunai 2.0.5 The WebView class in the Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL. | 4.3 |
2012-09-08 | CVE-2012-4011 | OS Command Injection vulnerability in Cybozu Kunai 2.0.5 The Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site. | 9.3 |
2012-08-31 | CVE-2012-4009 | Code Injection vulnerability in Cybozu Live 1.0.4 The WebView class in the Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL. | 6.8 |
2012-08-31 | CVE-2012-4008 | Code Injection vulnerability in Cybozu Live 1.0.4 The Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site. | 6.8 |
2011-10-21 | CVE-2011-2677 | Permissions, Privileges, and Access Controls vulnerability in Cybozu Office 6 Cybozu Office before 8.0.0 allows remote authenticated users to bypass intended access restrictions and access sensitive information (time card and attendance) via unspecified vectors related to manipulation of a URL. | 5.5 |
2011-06-29 | CVE-2011-1335 | Cross-Site Scripting vulnerability in Cybozu Office 6/7/8 Cross-site scripting (XSS) vulnerability in Cybozu Office 6, 7, and 8 before 8.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to the "address book and user list functions." | 4.3 |
2011-06-29 | CVE-2011-1334 | Cross-Site Scripting vulnerability in Cybozu products Cross-site scripting (XSS) vulnerability in Cybozu Office 6, Cybozu Garoon 2.0.0 through 2.1.3, Cybozu Dezie before 6.1, Cybozu MailWise before 3.1, and Cybozu Collaborex before 1.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from the mail system." | 4.3 |
2011-06-29 | CVE-2011-1333 | Cross-Site Scripting vulnerability in Cybozu Garoon and Office Cross-site scripting (XSS) vulnerability in Cybozu Office 6 and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from the bulletin board system." | 4.3 |
2011-06-29 | CVE-2011-1332 | Cross-Site Scripting vulnerability in Cybozu Garoon Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-6570. | 4.3 |