{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-29T20:20:19.096","vulnerabilities":[{"cve":{"id":"CVE-2013-6003","sourceIdentifier":"vultures@jpcert.or.jp","published":"2013-12-05T12:55:30.293","lastModified":"2026-04-29T01:13:23.040","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"CRLF injection vulnerability in Cybozu Garoon 3.1 through 3.5 SP5, when Phone Messages forwarding is enabled, allows remote authenticated users to inject arbitrary e-mail headers via unspecified vectors."},{"lang":"es","value":"Vulnerabilidad de inyección CRLF en Cybozu Garoon 3.1 a 3.5 SP5, cuando se activa el reenvío de Phone Messages, permite a atacantes autenticados remotamente inyectar cabeceras de email arbitrarias a través de vectores no especificados."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cybozu:garoon:3.1:*:*:*:*:*:*:*","matchCriteriaId":"091F5390-9ADF-49D9-83E1-BFD523CD03FF"},{"vulnerable":true,"criteria":"cpe:2.3:a:cybozu:garoon:3.1:sp1:*:*:*:*:*:*","matchCriteriaId":"A3462F9A-A4CA-4622-9614-D1D94797EA32"},{"vulnerable":true,"criteria":"cpe:2.3:a:cybozu:garoon:3.1:sp2:*:*:*:*:*:*","matchCriteriaId":"64C1B9B8-14DF-4195-A130-BE4103292125"},{"vulnerable":true,"criteria":"cpe:2.3:a:cybozu:garoon:3.1:sp3:*:*:*:*:*:*","matchCriteriaId":"3A63ACA4-BF92-4CB3-B078-5BA85478593D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cybozu:garoon:3.5:*:*:*:*:*:*:*","matchCriteriaId":"71CECA0B-D131-45A7-8D6C-E45EF0F09CF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cybozu:garoon:3.5:sp1:*:*:*:*:*:*","matchCriteriaId":"76EB8EC8-D968-408D-A0F2-14164F515C3F"},{"vulnerable":true,"criteria":"cpe:2.3:a:cybozu:garoon:3.5:sp2:*:*:*:*:*:*","matchCriteriaId":"A0166440-4223-4ED5-9C55-0B2CBAEFF196"},{"vulnerable":true,"criteria":"cpe:2.3:a:cybozu:garoon:3.5:sp3:*:*:*:*:*:*","matchCriteriaId":"BFCFB357-293D-49CD-8090-FBD687F97D4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cybozu:garoon:3.5:sp4:*:*:*:*:*:*","matchCriteriaId":"63FA07F5-2085-4EE1-9BCB-2F9D0713014F"},{"vulnerable":true,"criteria":"cpe:2.3:a:cybozu:garoon:3.5:sp5:*:*:*:*:*:*","matchCriteriaId":"F47A9F1D-E966-4BEE-AD2D-8DA23B848825"}]}]}],"references":[{"url":"http://cs.cybozu.co.jp/information/20131202up01.php","source":"vultures@jpcert.or.jp"},{"url":"http://jvn.jp/en/jp/JVN84221103/index.html","source":"vultures@jpcert.or.jp"},{"url":"http://jvndb.jvn.jp/jvndb/JVNDB-2013-000116","source":"vultures@jpcert.or.jp"},{"url":"https://support.cybozu.com/ja-jp/article/6121","source":"vultures@jpcert.or.jp","tags":["Vendor Advisory"]},{"url":"http://cs.cybozu.co.jp/information/20131202up01.php","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://jvn.jp/en/jp/JVN84221103/index.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://jvndb.jvn.jp/jvndb/JVNDB-2013-000116","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://support.cybozu.com/ja-jp/article/6121","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}