Description

The HTML\Browser plugin in SabreDAV before 1.6.9, 1.7.x before 1.7.7, and 1.8.x before 1.8.5, as used in ownCloud, when running on Windows, does not properly check path separators in the base path, which allows remote attackers to read arbitrary files via a \ (backslash) character.

Remediation

References

CVE-2013-1939

Related Vulnerabilities

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2038)

Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10008)

MODX Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-10037)

Apache HTTP Server Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') Vulnerability (CVE-2009-1955)

WordPress Plugin Shortcoder-Create Shortcodes for Anything Security Bypass (6.3)

Severity

Medium

Classification

CVE-2013-1939 CWE-20

Tags

Missing Update Known Vulnerabilities