Description

ownCloud Server before 6.0.3 does not properly check permissions, which allows remote authenticated users to (1) access the contacts of other users via the address book or (2) rename files via unspecified vectors.

Remediation

References

CVE-2014-3834

Related Vulnerabilities

WordPress Plugin FormCraft-Premium WordPress Form Builder Cross-Site Scripting (3.2.31)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-9638)

MySQL CVE-2022-21374 Vulnerability (CVE-2022-21374)

WordPress Plugin WordPress Ultra Simple Paypal Shopping Cart Cross-Site Request Forgery (4.4)

WordPress Plugin Feedweb Unspecified Vulnerability (3.0.7)

Severity

High

Classification

CVE-2014-3834 CWE-264

Tags

Missing Update Known Vulnerabilities