WEB APPLICATION VULNERABILITIES Standard & Premium

ownCloud Resource Management Errors Vulnerability (CVE-2015-4717)

Description

The filename sanitization component in ownCloud Server before 6.0.8, 7.0.x before 7.0.6, and 8.0.x before 8.0.4 does not properly handle $_GET parameters cast by PHP to an array, which allows remote attackers to cause a denial of service (infinite loop and log file consumption) via crafted endpoint file names.

Remediation

References

Related Vulnerabilities

WordPress Plugin Simplelife Cross-Site Request Forgery (1.2)

Python Cryptographic Issues Vulnerability (CVE-2012-1150)

Apache Traffic Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2021-43082)

WordPress Plugin WooCommerce Product Table Lite Cross-Site Scripting (2.3.0)

WordPress Plugin WP Smart Import: Import any XML File to WordPress Cross-Site Scripting (1.0.2)

Severity

High

Classification

Tags

Missing Update Known Vulnerabilities