CVE-2011-2677 Information

Description

Cybozu Office before 8.0.0 allows remote authenticated users to bypass intended access restrictions and access sensitive information (time card and attendance) via unspecified vectors related to manipulation of a URL.

Reference

http://cs.cybozu.co.jp/information/20111005notice01.php http://jvn.jp/en/jp/JVN84838479/index.html http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000079.html http://osvdb.org/76124 http://secunia.com/advisories/46321 http://www.securityfocus.com/bid/50015 https://exchange.xforce.ibmcloud.com/vulnerabilities/70411