1. CVE-Search
  2. CVE-2006-4490
ID CVE-2006-4490
Summary Multiple directory traversal vulnerabilities in Cybozu Office before 6.6 Build 1.3 and Share 360 before 2.5 Build 0.3 allow remote authenticated users to read arbitrary files via a .. (dot dot) sequence via the id parameter in (1) scripts/cbag/ag.exe or (2) scripts/s360v2/s360.exe.
References
Vulnerable Configurations
  • cpe:2.3:a:cybozu:cybozu_office:*:*:*:*:*:*:*:*
    cpe:2.3:a:cybozu:cybozu_office:*:*:*:*:*:*:*:*
  • cpe:2.3:a:cybozu:share_360:*:*:*:*:*:*:*:*
    cpe:2.3:a:cybozu:share_360:*:*:*:*:*:*:*:*
CVSS
Base: 4.0 (as of 20-07-2017 - 01:33)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:S/C:P/I:N/A:N
refmap via4
confirm http://cybozu.co.jp/products/dl/notice_060825/
jvn JVN#90420168
misc http://vuln.sg/cybozu-en.html
osvdb
  • 28261
  • 28262
sectrack 1016759
secunia
  • 21618
  • 21623
xf cybozu-ag-s360-directory-traversal(28591)
Last major update 20-07-2017 - 01:33
Published 31-08-2006 - 22:04
Last modified 20-07-2017 - 01:33
Back to Top