Vulnerability Description
Buffer overflow in Cybozu Office 9 and 10 before 10.1.0, Mailwise 4 and 5 before 5.1.4, and Dezie 8 before 8.1.1 allows remote authenticated users to execute arbitrary code via e-mail messages.
CVSS Score
9.0
HIGH
AV:N/AC:L/Au:S/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cybozu | Office | <= 10.0.2 |
| Cybozu | Dezie | <= 8.1.0 |
| Cybozu | Mailwise | <= 5.1.3 |
Related Weaknesses (CWE)
References
- http://jvn.jp/en/jp/JVN14691234/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2014-000130
- http://secunia.com/advisories/62248
- https://cs.cybozu.co.jp/2014/1110-2.htmlVendor Advisory
- http://jvn.jp/en/jp/JVN14691234/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2014-000130
- http://secunia.com/advisories/62248
- https://cs.cybozu.co.jp/2014/1110-2.htmlVendor Advisory
FAQ
What is CVE-2014-5314?
CVE-2014-5314 is a vulnerability with a CVSS score of 9.0 (HIGH). Buffer overflow in Cybozu Office 9 and 10 before 10.1.0, Mailwise 4 and 5 before 5.1.4, and Dezie 8 before 8.1.1 allows remote authenticated users to execute arbitrary code via e-mail messages.
How severe is CVE-2014-5314?
CVE-2014-5314 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-5314?
Check the references section above for vendor advisories and patch information. Affected products include: Cybozu Office, Cybozu Dezie, Cybozu Mailwise.