Cybozu Mailwise < 5.1.4 Buffer Overflow Vulnerability

Cybozu Mailwise is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:cybozu:mailwise";...

Buffer overflow

Buffer overflow in Cybozu Office 9 and 10 before 10.1.0, Mailwise 4 and 5 before 5.1.4, and Dezie 8 before 8.1.1 allows remote authenticated users to execute arbitrary code via e-mail messages...

CVE-2014-5314

Buffer overflow in Cybozu Office 9 and 10 before 10.1.0, Mailwise 4 and 5 before 5.1.4, and Dezie 8 before 8.1.1 allows remote authenticated users to execute arbitrary code via e-mail messages...

CVE-2014-5314

CVE-2014-5314 maps to a buffer overflow in Cybozu Office, Cybozu Mailwise and Cybozu Dezie that allows remote authenticated users to execute arbitrary code via email messages. OpenVAS entries and JVN/CVE references confirm affected product families and versions: Cybozu Office up to 10.0.x (pre-10...

CVE-2014-5314

Buffer overflow in Cybozu Office 9 and 10 before 10.1.0, Mailwise 4 and 5 before 5.1.4, and Dezie 8 before 8.1.1 allows remote authenticated users to execute arbitrary code via e-mail messages...

JVN#14691234: Multiple Cybozu products vulnerable to buffer overflow

Multiple products provided by Cybozu, Inc. contain a buffer overflow vulnerability CWE-119. Impact A remote attacker may cause a denial-of-service DoS or execute arbitrary code. Solution Update the Software Update to the latest version according to the information provided by the developer...

CVE-2013-4698

Cybozu Mailwise 5.0.4 and 5.0.5 allows remote authenticated users to obtain sensitive e-mail content intended for different persons in opportunistic circumstances by reading Subject header lines within the user's own mailbox...

Design/Logic Flaw

Cybozu Mailwise 5.0.4 and 5.0.5 allows remote authenticated users to obtain sensitive e-mail content intended for different persons in opportunistic circumstances by reading Subject header lines within the user's own mailbox...

CVE-2013-4698

Cybozu Mailwise 5.0.4 and 5.0.5 allows remote authenticated users to obtain sensitive e-mail content intended for different persons in opportunistic circumstances by reading Subject header lines within the user's own mailbox...

CVE-2013-4698

Cybozu Mailwise 5.0.4 and 5.0.5 are affected by an information-disclosure vulnerability where remote authenticated users can view contents of other emails by reading Subject header lines in their own mailbox. Root cause: improper handling of Subject headers enables cross-email visibility in oppor...

Cybozu Mailwise vulnerable to information disclosure

Overview Cybozu Mailwise contains a vulnerability that may display contents of another email in the subject field. Impact Contents of an email may be obtained by a user that does not have privileges to access that original email. Solution Update the Software Update to the latest version according...

JVN#21103639: Cybozu Mailwise vulnerable to information disclosure

Cybozu Mailwise contains a vulnerability that may display contents of another email in the subject field. Impact Contents of an email may be obtained by a user that does not have privileges to access that original email. Solution Update the Software Update to the latest version according to the...

CVE-2013-2305

Cross-site request forgery CSRF vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0, Cybozu Dezie before 8.0.7, and Cybozu Mailwise before 5.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that change passwords...

JVN#06251813: Multiple Cybozu products vulnerable to cross-site request forgery

Multiple Cybozu products contain a cross-site request forgery vulnerability. Impact If a user accesses a specially crafted URL while logged in, user passwords or administrator passwords may be altered. Solution Update the Software Update to the latest version according to the information provided...

Cybozu Products Mail System Images Cross-Site Scripting Vulnerability

This host is running Cybozu Office, Cybozu Garoon, Cybozu Dezie or Cybozu MailWise and is prone to cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodcybozuproductsmailsystemxssvuln.nasl 7024 2017-08-30 11:51:43Z teissa $ Cybozu Products Mail System Images Cross-Site...

Cybozu Products Mail System Images XSS Vulnerability

Cybozu Office, Cybozu Garoon, Cybozu Dezie or Cybozu MailWise is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Cybozu Products Detection (HTTP)

HTTP based detection of various Cybozu products. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2011-1334

Cross-site scripting XSS vulnerability in Cybozu Office 6, Cybozu Garoon 2.0.0 through 2.1.3, Cybozu Dezie before 6.1, Cybozu MailWise before 3.1, and Cybozu Collaborex before 1.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from...

Cross site scripting

Cross-site scripting XSS vulnerability in Cybozu Office 6, Cybozu Garoon 2.0.0 through 2.1.3, Cybozu Dezie before 6.1, Cybozu MailWise before 3.1, and Cybozu Collaborex before 1.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from...

CVE-2011-1334

Cross-site scripting XSS vulnerability in Cybozu Office 6, Cybozu Garoon 2.0.0 through 2.1.3, Cybozu Dezie before 6.1, Cybozu MailWise before 3.1, and Cybozu Collaborex before 1.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from...