3 matches found
CVE-2015-4715
The fetch function in OAuth/Curl.php in Dropbox-PHP, as used in ownCloud Server before 6.0.8, 7.x before 7.0.6, and 8.x before 8.0.4 when an external Dropbox storage has been mounted, allows remote administrators of Dropbox.com to read arbitrary files via an @ at sign character in unspecified POS...
CVE-2015-4715
The CVE-2015-4715 entry affects ownCloud Server (Dropbox storage integration) via the Dropbox-PHP OAuth/Curl.php fetch function when an external Dropbox storage is mounted. Affected versions: ownCloud Server before 6.0.8, 7.x before 7.0.6, and 8.x before 8.0.4. The vulnerability allows remote adm...
Updated owncloud package fixes security vulnerabilities
In ownCloud before 6.0.8 and 8.0.4, a bug in the SDK used to connect ownCloud against the Dropbox server might allow the owner of "Dropbox.com" to gain access to any files on the ownCloud server if an external Dropbox storage was mounted CVE-2015-4715. In ownCloud before 6.0.8 and 8.0.4, the...