Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-1963

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2013-1963
Last Modified 17 Mar 2014 11:10:00
Published 14 Mar 2014 12:55:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2013-1963

Summary

The contacts application in ownCloud before 4.5.10 and 5.x before 5.0.5 does not properly check the ownership of contacts, which allows remote authenticated users to download arbitrary contacts via unspecified vectors.

Vulnerable Systems

Application

  • Owncloud 4.5.0

  • Owncloud 4.5.1

  • Owncloud 4.5.2

  • Owncloud 4.5.3

  • Owncloud 4.5.4

  • Owncloud 4.5.5

  • Owncloud 4.5.6

  • Owncloud 4.5.7

  • Owncloud 4.5.8

  • Owncloud 4.5.9

  • Owncloud 5.0.0

  • Owncloud 5.0.1

  • Owncloud 5.0.2

  • Owncloud 5.0.3

  • Owncloud 5.0.4


References

CONFIRM - http://owncloud.org/about/security/advisories/oC-SA-2013-018/


Last Updated: 27 May 2016 11:04:38