Description

The document application in ownCloud Server before 6.0.3 uses sequential values for the file_id, which allows remote authenticated users to enumerate shared files via unspecified vectors.

Remediation

References

CVE-2014-3837

Related Vulnerabilities

WordPress Plugin Sell Downloads Unspecified Vulnerability (1.0.85)

WeBid Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-7118)

WebLogic CVE-2008-2579 Vulnerability (CVE-2008-2579)

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000410)

MySQL CVE-2013-1570 Vulnerability (CVE-2013-1570)

Severity

Medium

Classification

CVE-2014-3837 CWE-264

Tags

Missing Update Known Vulnerabilities