Lucene search
K

6 matches found

OSV
OSV
added 2015/10/26 2:59 p.m.5 views

CVE-2015-4456

ownCloud Desktop Client before 1.8.2 does not call QNetworkReply::ignoreSslErrors with the list of errors to be ignored, which allows man-in-the-middle attackers to bypass the user's certificate distrust decision and obtain sensitive information by leveraging a self-signed certificate and a...

5.8AI score
Exploits0References4
CVE
CVE
added 2015/10/26 2:0 p.m.81 views

CVE-2015-4456

The CVE-2015-4456 issue affects the ownCloud Desktop Client prior to 1.8.2. The vulnerability arises because the client does not call QNetworkReply::ignoreSslErrors with the set of errors to ignore, enabling MITM attackers to bypass certificate distrust decisions when connecting to a server using...

2.6CVSS5.8AI score0.00825EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2015/10/25 12:0 a.m.78 views

[SECURITY] [DSA 3363-1] owncloud-client security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3363-1 [email protected] https://www.debian.org/security/ Luciano Bello September 20, 2015 https://www.debian.org/security/faq...

2.6CVSS2.2AI score0.00825EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/10/15 12:0 a.m.17 views

Mageia: Security Advisory (MGASA-2015-0256)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.6CVSS6.5AI score0.00825EPSS
Exploits0References5
Debian
Debian
added 2015/09/20 10:29 a.m.22 views

[SECURITY] [DSA 3363-1] owncloud-client security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3363-1 [email protected] https://www.debian.org/security/ Luciano Bello September 20, 2015 https://www.debian.org/security/faq -...

2.6CVSS5.6AI score0.00825EPSS
Exploits0
OwnCloud
OwnCloud
added 2015/06/08 11:42 a.m.48 views

Improper validation of certificates when using self-signed certificates - ownCloud

The ownCloud Desktop Client was vulnerable against MITM attacks until version 1.8.2 in combination with self-signed certificates. To be exploitable the following conditions have to be met: The connection to the remote ownCloud server must be secured using a self-signed certificate which the user...

2.6CVSS6AI score0.00825EPSS
Exploits0Affected Software1
Rows per page
Query Builder