Medium severity4.3NVD Advisory· Published Apr 17, 2017· Updated May 13, 2026
CVE-2016-4868
CVE-2016-4868
Description
Email header injection vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows remote attackers to inject arbitrary email headers to send unintended emails via specially crafted requests.
Affected products
16cpe:2.3:a:cybozu:office:10.0.0:*:*:*:*:*:*:*+ 15 more
- cpe:2.3:a:cybozu:office:10.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:office:10.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:office:10.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:office:10.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:office:10.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:office:10.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:office:10.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:office:10.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:office:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:office:9.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:office:9.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:office:9.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:office:9.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:office:9.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:office:9.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:office:9.9.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- jvn.jp/en/jp/JVN08736331/index.htmlnvdThird Party AdvisoryVDB Entry
- jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000190.htmlnvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/97713nvdThird Party AdvisoryVDB Entry
- support.cybozu.com/ja-jp/article/9433nvdVendor Advisory
News mentions
0No linked articles in our index yet.