Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2049

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2014-2049
Last Modified 25 Mar 2014 03:32:36
Published 14 Mar 2014 12:55:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-2049

Summary

The default Flash Cross Domain policies in ownCloud before 5.0.15 and 6.x before 6.0.2 allows remote attackers to access user files via unspecified vectors.

Vulnerable Systems

Application

  • Owncloud 3.0.0

  • Owncloud 3.0.1

  • Owncloud 3.0.2

  • Owncloud 3.0.3

  • Owncloud 4.0.0

  • Owncloud 4.0.1

  • Owncloud 4.0.10

  • Owncloud 4.0.11

  • Owncloud 4.0.12

  • Owncloud 4.0.13

  • Owncloud 4.0.14

  • Owncloud 4.0.15

  • Owncloud 4.0.16

  • Owncloud 4.0.2

  • Owncloud 4.0.3

  • Owncloud 4.0.4

  • Owncloud 4.0.5

  • Owncloud 4.0.6

  • Owncloud 4.0.7

  • Owncloud 4.0.8

  • Owncloud 4.0.9

  • Owncloud 4.5.0

  • Owncloud 4.5.1

  • Owncloud 4.5.10

  • Owncloud 4.5.11

  • Owncloud 4.5.12

  • Owncloud 4.5.13

  • Owncloud 4.5.2

  • Owncloud 4.5.3

  • Owncloud 4.5.4

  • Owncloud 4.5.5

  • Owncloud 4.5.6

  • Owncloud 4.5.7

  • Owncloud 4.5.8

  • Owncloud 4.5.9

  • Owncloud 5.0.0

  • Owncloud 5.0.1

  • Owncloud 5.0.10

  • Owncloud 5.0.11

  • Owncloud 5.0.12

  • Owncloud 5.0.13

  • Owncloud 5.0.14

  • Owncloud 5.0.2

  • Owncloud 5.0.3

  • Owncloud 5.0.4

  • Owncloud 5.0.5

  • Owncloud 5.0.6

  • Owncloud 5.0.7

  • Owncloud 5.0.8

  • Owncloud 5.0.9

  • Owncloud 6.0.0

  • Owncloud 6.0.1


References

CONFIRM - http://owncloud.org/about/security/advisories/oC-SA-2014-003/


Last Updated: 27 May 2016 11:04:42