CVE-2014-1996 Information

Description

Cybozu Garoon 3.7 before SP4 allows remote authenticated users to bypass intended access restrictions and execute arbitrary code or cause a denial of service via an API call.

Reference

http://cs.cybozu.co.jp/information/gr20140714up01.php http://jvn.jp/en/jp/JVN31082531/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2014-000074