Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2013-1939

Опубликовано: 14 мар. 2014
Источник: debian

Описание

The HTML\Browser plugin in SabreDAV before 1.6.9, 1.7.x before 1.7.7, and 1.8.x before 1.8.5, as used in ownCloud, when running on Windows, does not properly check path separators in the base path, which allows remote attackers to read arbitrary files via a \ (backslash) character.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
owncloudnot-affectedpackage
php-sabredavnot-affectedpackage

Примечания

  • http://owncloud.org/about/security/advisories/oC-SA-2013-016/

Связанные уязвимости

ubuntu логотип

CVE-2013-1939

ubuntu
почти 12 лет назад

The HTML\Browser plugin in SabreDAV before 1.6.9, 1.7.x before 1.7.7, and 1.8.x before 1.8.5, as used in ownCloud, when running on Windows, does not properly check path separators in the base path, which allows remote attackers to read arbitrary files via a \ (backslash) character.

nvd логотип

CVE-2013-1939

nvd
почти 12 лет назад

The HTML\Browser plugin in SabreDAV before 1.6.9, 1.7.x before 1.7.7, and 1.8.x before 1.8.5, as used in ownCloud, when running on Windows, does not properly check path separators in the base path, which allows remote attackers to read arbitrary files via a \ (backslash) character.

github логотип

GHSA-qg5v-jw6f-rpfj

github
больше 3 лет назад

SabreDAV Directory Traversal vulnerability