Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-1893

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2013-1893
Last Modified 10 Mar 2014 10:03:46
Published 09 Mar 2014 09:16:56
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2013-1893

Summary

SQL injection vulnerability in addressbookprovider.php in ownCloud Server before 5.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, related to the contacts application.

Vulnerable Systems

Application

  • Owncloud 5.0.0


References

XF - owncloud-addressbookprovider-sql-injection(83253)

BID - 58855

CONFIRM - http://owncloud.org/about/security/advisories/oC-SA-2013-012


Last Updated: 27 May 2016 11:04:35