Description

The default Flash Cross Domain policies in ownCloud before 5.0.15 and 6.x before 6.0.2 allows remote attackers to access user files via unspecified vectors.

Remediation

References

CVE-2014-2049

Related Vulnerabilities

Microsoft SQL Server Other Vulnerability (CVE-2002-0721)

Oracle HTTP Server Other Vulnerability (CVE-2020-35164)

WordPress Plugin Clerk Security Bypass (3.8.3)

WordPress Plugin Ninja Forms with File Uploads Extension Cross-Site Scripting (3.3.12)

Artifactory Improper Privilege Management Vulnerability (CVE-2022-0668)

Severity

Medium

Classification

CVE-2014-2049 CWE-264

Tags

Missing Update Known Vulnerabilities