Lucene search

K
cveRedhatCVE-2012-5610
HistoryDec 18, 2012 - 1:55 a.m.

CVE-2012-5610

2012-12-1801:55:07
CWE-20
redhat
web.nvd.nist.gov
29
nvd
cve-2012-5610
vulnerability
owncloud
php code
file upload

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

7.4

Confidence

Low

EPSS

0.005

Percentile

77.0%

Incomplete blacklist vulnerability in lib/filesystem.php in ownCloud before 4.0.9 and 4.5.x before 4.5.2 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a special crafted name.

Affected configurations

Nvd
Node
owncloudowncloudRange4.0.8
OR
owncloudowncloudMatch3.0.0
OR
owncloudowncloudMatch3.0.1
OR
owncloudowncloudMatch3.0.2
OR
owncloudowncloudMatch3.0.3
OR
owncloudowncloudMatch4.0.0
OR
owncloudowncloudMatch4.0.1
OR
owncloudowncloudMatch4.0.2
OR
owncloudowncloudMatch4.0.3
OR
owncloudowncloudMatch4.0.4
OR
owncloudowncloudMatch4.0.5
OR
owncloudowncloudMatch4.0.6
OR
owncloudowncloudMatch4.0.7
OR
owncloudowncloudMatch4.5.0
OR
owncloudowncloudMatch4.5.1
VendorProductVersionCPE
owncloudowncloud*cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*
owncloudowncloud3.0.0cpe:2.3:a:owncloud:owncloud:3.0.0:*:*:*:*:*:*:*
owncloudowncloud3.0.1cpe:2.3:a:owncloud:owncloud:3.0.1:*:*:*:*:*:*:*
owncloudowncloud3.0.2cpe:2.3:a:owncloud:owncloud:3.0.2:*:*:*:*:*:*:*
owncloudowncloud3.0.3cpe:2.3:a:owncloud:owncloud:3.0.3:*:*:*:*:*:*:*
owncloudowncloud4.0.0cpe:2.3:a:owncloud:owncloud:4.0.0:*:*:*:*:*:*:*
owncloudowncloud4.0.1cpe:2.3:a:owncloud:owncloud:4.0.1:*:*:*:*:*:*:*
owncloudowncloud4.0.2cpe:2.3:a:owncloud:owncloud:4.0.2:*:*:*:*:*:*:*
owncloudowncloud4.0.3cpe:2.3:a:owncloud:owncloud:4.0.3:*:*:*:*:*:*:*
owncloudowncloud4.0.4cpe:2.3:a:owncloud:owncloud:4.0.4:*:*:*:*:*:*:*
Rows per page:
1-10 of 151

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

7.4

Confidence

Low

EPSS

0.005

Percentile

77.0%

Related for CVE-2012-5610