CVE-2016-4868

Email header injection vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows remote attackers to inject arbitrary email headers to send unintended emails via specially crafted requests.
References
Link Resource
https://support.cybozu.com/ja-jp/article/9433 Vendor Advisory
http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000190.html Third Party Advisory VDB Entry
http://jvn.jp/en/jp/JVN08736331/index.html Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/97713 Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cybozu:office:10.0.0:*:*:*:*:*:*:*
cpe:2.3:a:cybozu:office:10.0.1:*:*:*:*:*:*:*
cpe:2.3:a:cybozu:office:9.1.0:*:*:*:*:*:*:*
cpe:2.3:a:cybozu:office:9.2.0:*:*:*:*:*:*:*
cpe:2.3:a:cybozu:office:10.4.0:*:*:*:*:*:*:*
cpe:2.3:a:cybozu:office:10.3.0:*:*:*:*:*:*:*
cpe:2.3:a:cybozu:office:9.0:*:*:*:*:*:*:*
cpe:2.3:a:cybozu:office:9.9.0:*:*:*:*:*:*:*
cpe:2.3:a:cybozu:office:10.1.2:*:*:*:*:*:*:*
cpe:2.3:a:cybozu:office:10.2.0:*:*:*:*:*:*:*
cpe:2.3:a:cybozu:office:9.3.1:*:*:*:*:*:*:*
cpe:2.3:a:cybozu:office:9.3.0:*:*:*:*:*:*:*
cpe:2.3:a:cybozu:office:9.2.1:*:*:*:*:*:*:*
cpe:2.3:a:cybozu:office:10.1.0:*:*:*:*:*:*:*
cpe:2.3:a:cybozu:office:10.0.2:*:*:*:*:*:*:*
cpe:2.3:a:cybozu:office:9.3.2:*:*:*:*:*:*:*

Information

Published : 2017-04-17 08:59

Updated : 2017-05-22 18:29


NVD link : CVE-2016-4868

Mitre link : CVE-2016-4868


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

cybozu

  • office