Описание
The contacts application in ownCloud before 4.5.10 and 5.x before 5.0.5 does not properly check the ownership of contacts, which allows remote authenticated users to download arbitrary contacts via unspecified vectors.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 6.0.1+dfsg-1ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [6.0.1+dfsg-1ubuntu1]] |
| hardy | DNE | |
| lucid | DNE | |
| oneiric | not-affected | |
| precise | not-affected | |
| quantal | not-affected | 4.0.8debian-1.1ubuntu0.1 |
| raring | ignored | end of life |
| saucy | not-affected | 5.0.10+dfsg-1ubuntu1 |
| trusty | not-affected | 6.0.1+dfsg-1ubuntu1 |
Показывать по
4 Medium
CVSS2
Связанные уязвимости
The contacts application in ownCloud before 4.5.10 and 5.x before 5.0.5 does not properly check the ownership of contacts, which allows remote authenticated users to download arbitrary contacts via unspecified vectors.
The contacts application in ownCloud before 4.5.10 and 5.x before 5.0. ...
The contacts application in ownCloud before 4.5.10 and 5.x before 5.0.5 does not properly check the ownership of contacts, which allows remote authenticated users to download arbitrary contacts via unspecified vectors.
4 Medium
CVSS2