Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
owncloudOwnCloudOC-SA-2016-003
HistoryJan 06, 2016 - 1:40 a.m.

Server: Disclosure of files that begin with ".v" due to unchecked return value

2016-01-0601:40:33
owncloud.org
29

EPSS

0.001

Percentile

34.9%

JSON

Due to a incorrect usage of the getOwner function of the ownCloud virtual filesystem,done authenticated users with incoming shares of other users are able to access files beginning with “.v” of the sharing user. This can only be exploited if the “files_versions” application is enabled on the server.

For more information please consult the official advisory.

This advisory is licensed CC BY-SA 4.0

Related

cvelist 1
nvd 1
prion 1
owncloud 1
cve 1
ubuntucve 1
openvas 3
nessus 1
freebsd 1
mageia 1
cvelist
cvelist
CVE-2016-1500
2016-01-08 21:00:00
nvd
nvd
CVE-2016-1500
2016-01-08 21:59:08
prion
prion
Code injection
2016-01-08 21:59:00
owncloud
owncloud
Disclosure of files that begin with ".v" due to unchecked return value - ownCloud
2016-01-06 18:57:29
cve
cve
CVE-2016-1500
2016-01-08 21:59:08
ubuntucve
ubuntucve
CVE-2016-1500
2016-01-08 00:00:00
openvas
openvas
ownCloud Multiple Vulnerabilities (Mar 2016) - Windows
2016-03-04 00:00:00
ownCloud Multiple Vulnerabilities (Mar 2016) - Linux
2016-03-04 00:00:00
Mageia: Security Advisory (MGASA-2016-0040)
2016-02-02 00:00:00
nessus
nessus
FreeBSD : owncloud -- multiple vulnerabilities (3166222b-c6a4-11e5-96d6-14dae9d210b8)
2016-02-01 00:00:00
freebsd
freebsd
owncloud -- multiple vulnerabilities
2015-12-23 00:00:00
mageia
mageia
Updated owncloud packages fix security vulnerability
2016-01-29 14:02:50

EPSS

0.001

Percentile

34.9%

JSON
Related for OC-SA-2016-003
cvelist1nvd1prion1owncloud1cve1ubuntucve1openvas3nessus1freebsd1mageia1