/[advisories]/10452.adv
ViewVC logotype

Contents of /10452.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 36 - (show annotations) (download)
Tue Jun 18 14:58:35 2013 UTC (10 years, 9 months ago) by boklm
File size: 927 byte(s)
MGASA-2013-0171
1 type: security
2 subject: Updated owncloud package fixes security vulnerabilities
3 CVE:
4 - CVE-2013-2150
5 - CVE-2013-2149
6 src:
7 3:
8 core:
9 - owncloud-5.0.7-1.mga3
10 description: |
11 Cross-site scripting (XSS) vulnerabilities in js/viewer.js inside the
12 files_videoviewer application via multiple unspecified vectors in all
13 ownCloud versions prior to 5.0.7 and 4.5.12 allows authenticated remote
14 attackers to inject arbitrary web script or HTML via shared files
15 (CVE-2013-2150).
16
17 Cross-site scripting (XSS) vulnerabilities in core/js/oc-dialogs.js via
18 multiple unspecified vectors in all ownCloud versions prior to 5.0.7
19 and other versions before 4.0.16 allows authenticated remote attackers
20 to inject arbitrary web script or HTML via shared files (CVE-2013-2149).
21 references:
22 - https://bugs.mageia.org/show_bug.cgi?id=10452
23 - http://owncloud.org/about/security/advisories/oC-SA-2013-028/
24 ID: MGASA-2013-0171

  ViewVC Help
Powered by ViewVC 1.1.30