GCVE - cpe:2.3:a:cybozu:office:6:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:cybozu:office:6:*:*:*:*:*:*:*

part: a version: 6 update: *

Vendor	Cybozu (`6c3c6c19-80d3-5353-ad46-e08ec1369448`)
Product	Office (`3e47509a-1a03-5002-929e-9c2c66c074a0`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2011-2677`	vulnerable	2026-06-03 14:31:09.790558	Details available Cybozu Office before 8.0.0 allows remote authenticated users to bypass intended access restrictions and access sensitive information (time card and attendance) via unspecified vectors related to manipulation of a URL. Published: 2011-10-21T18:00:00.000Z Updated: 2024-08-06T23:08:23.777Z Open on db.gcve.eu Reference links http://osvdb.org/76124 http://cs.cybozu.co.jp/information/20111005notice01.php https://exchange.xforce.ibmcloud.com/vulnerabilities/70411 http://jvn.jp/en/jp/JVN84838479/index.html http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000079.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-1335`	vulnerable	2026-06-03 14:31:00.697114	Details available Cross-site scripting (XSS) vulnerability in Cybozu Office 6, 7, and 8 before 8.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to the "address book and user list functions." Published: 2011-06-29T17:00:00.000Z Updated: 2024-09-16T17:17:46.778Z Open on db.gcve.eu Reference links http://cs.cybozu.co.jp/information/20100816notice05.php http://secunia.com/advisories/44992 http://secunia.com/advisories/45050 http://www.osvdb.org/73320 http://www.securityfocus.com/bid/48446	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-1334`	vulnerable	2026-06-03 14:31:00.685745	Details available Cross-site scripting (XSS) vulnerability in Cybozu Office 6, Cybozu Garoon 2.0.0 through 2.1.3, Cybozu Dezie before 6.1, Cybozu MailWise before 3.1, and Cybozu Collaborex before 1.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from the mail system." Published: 2011-06-29T17:00:00.000Z Updated: 2024-09-17T01:16:50.241Z Open on db.gcve.eu Reference links http://cybozu.co.jp/products/dl/notice/detail/0019.html http://www.osvdb.org/73317 http://www.securityfocus.com/bid/48446 http://jvn.jp/en/jp/JVN54074460/index.html http://secunia.com/advisories/45043	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-1333`	vulnerable	2026-06-03 14:31:00.685169	Details available Cross-site scripting (XSS) vulnerability in Cybozu Office 6 and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from the bulletin board system." Published: 2011-06-29T17:00:00.000Z Updated: 2024-09-17T00:40:53.563Z Open on db.gcve.eu Reference links http://cybozu.co.jp/products/dl/notice/detail/0019.html http://secunia.com/advisories/45063 http://jvndb.jvn.jp/jvndb/JVNDB-2011-000045 http://www.securityfocus.com/bid/48446 http://jvn.jp/en/jp/JVN80877328/index.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.