Search

Find a vulnerability

Search criteria

    1 vulnerability found for Cybozu Desktop by Cybozu, Inc.

    JVNDB-2020-000034

    Vulnerability from jvndb - Published: 2020-05-25 15:09 - Updated:2020-05-25 15:09
    Severity
    Summary
    Cybozu Desktop for Windows vulenerable to arbitrary code execution
    Details
    Cybozu Desktop for Windows provided by Cybozu, Inc. contains an arbitrary code execution vulnerability due to the improper data processing when applying the software update. Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to Cybozu, Inc. and coordinated. Cybozu, Inc. and JPCERT/CC published respective advisories in order to notify users of this vulnerability.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2020/JVNDB-2020-000034.html",
      "dc:date": "2020-05-25T15:09+09:00",
      "dcterms:issued": "2020-05-25T15:09+09:00",
      "dcterms:modified": "2020-05-25T15:09+09:00",
      "description": "Cybozu Desktop for Windows provided by Cybozu, Inc. contains an arbitrary code execution vulnerability due to the improper data processing when applying the software update.\r\n\r\nToshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to Cybozu, Inc. and coordinated. Cybozu, Inc. and JPCERT/CC published respective advisories in order to notify users of this vulnerability.",
      "link": "https://jvndb.jvn.jp/en/contents/2020/JVNDB-2020-000034.html",
      "sec:cpe": {
        "#text": "cpe:/a:cybozu:desktop",
        "@product": "Cybozu Desktop",
        "@vendor": "Cybozu, Inc.",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "5.1",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
          "@version": "2.0"
        },
        {
          "@score": "8.3",
          "@severity": "High",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2020-000034",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN59552136/index.html",
          "@id": "JVN#59552136",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5537",
          "@id": "CVE-2020-5537",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2020-5537",
          "@id": "CVE-2020-5537",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-20",
          "@title": "Improper Input Validation(CWE-20)"
        }
      ],
      "title": "Cybozu Desktop for Windows vulenerable to arbitrary code execution"
    }