Lucene search
Nico Golde – Vulnerability discovery and disclosure.OWNCLOUD:42CFC9D0EECE9701530DF2336765E9E6HistoryAug 10, 2012 - 5:09 p.m.
HTTP header injection - ownCloud
2012-08-1017:09:21
Nico Golde – Vulnerability discovery and disclosure.
owncloud.org
34
0.002 Low
EPSS
Percentile
51.7%
A Header injection vulnerability in ownCloud before 4.0.8 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the HTTP url path parameter to index.php.
Affected Software
- ownCloud Server < 4.0.8 (CVE-2012-5057)
Action Taken
It is recommended that all instances are upgraded to ownCloud Server 4.0.8.
Acknowledgements
The ownCloud team thanks the following people for their research and responsible disclosure of the above advisory:
- Nico Golde - Vulnerability discovery and disclosure.
| CPE | Name | Operator | Version |
|---|---|---|---|
| owncloud server | lt | 4.0.8 |
Related
ubuntucve
ubuntucve
CVE-2012-5057
2014-06-04 00:00:00
nvd
nvd
CVE-2012-5057
2014-06-04 14:55:03
cve
cve
CVE-2012-5057
2014-06-04 14:55:03
prion
prion
Crlf injection
2014-06-04 14:55:00
owncloud
owncloud
Server: HTTP header injection
2012-08-10 11:42:22
cvelist
cvelist
CVE-2012-5057
2014-06-04 14:00:00
openvas
openvas
ownCloud Multiple Vulnerabilities-01 (Jul 2014)
2014-07-03 00:00:00