Published:2006/08/28 Last Updated:2008/05/21
JVN#31125599
Cybozu Office 6 information disclosure vulnerability
Overview
A vulnerability exists in Cybozu Office 6 allowing the disclosure of registered users or groups information.
Cybozu Office 6 provides several login methods. One of the methods, meant to be used in the Internet, allows direct entry of a username. However, even when this method is used, information of registered users and groups could be obtained by an attacker.
Products Affected
- Cybozu Office 6 6.5(1.2) and earlier
Description
Impact
A remote attacker could obtain information on registered users and groups.
Solution
References
JPCERT/CC Addendum
Credit
Other Information
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory | |
| CPNI Advisory | |
| TRnotes | |
| CVE | |
| JVN iPedia |
JVNDB-2006-000649 |