/[advisories]/10452.adv
ViewVC logotype

Annotation of /10452.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 36 - (hide annotations) (download)
Tue Jun 18 14:58:35 2013 UTC (8 years, 5 months ago) by boklm
File size: 927 byte(s)
MGASA-2013-0171
1 boklm 27 type: security
2 boklm 35 subject: Updated owncloud package fixes security vulnerabilities
3 boklm 27 CVE:
4     - CVE-2013-2150
5     - CVE-2013-2149
6     src:
7     3:
8     core:
9     - owncloud-5.0.7-1.mga3
10     description: |
11     Cross-site scripting (XSS) vulnerabilities in js/viewer.js inside the
12     files_videoviewer application via multiple unspecified vectors in all
13     ownCloud versions prior to 5.0.7 and 4.5.12 allows authenticated remote
14     attackers to inject arbitrary web script or HTML via shared files
15     (CVE-2013-2150).
16    
17     Cross-site scripting (XSS) vulnerabilities in core/js/oc-dialogs.js via
18     multiple unspecified vectors in all ownCloud versions prior to 5.0.7
19     and other versions before 4.0.16 allows authenticated remote attackers
20     to inject arbitrary web script or HTML via shared files (CVE-2013-2149).
21     references:
22     - https://bugs.mageia.org/show_bug.cgi?id=10452
23     - http://owncloud.org/about/security/advisories/oC-SA-2013-028/
24 boklm 36 ID: MGASA-2013-0171

  ViewVC Help
Powered by ViewVC 1.1.28