6.5
CVE-2012-5609
- EPSS 2.07%
- Veröffentlicht 18.12.2012 01:55:07
- Zuletzt bearbeitet 16.06.2026 23:47:04
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Incomplete blacklist vulnerability in lib/migrate.php in ownCloud before 4.5.2 allows remote authenticated users to execute arbitrary PHP code by uploading a crafted mount.php file in a ZIP file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Owncloud ≫ Owncloud Server Version3.0.0
Owncloud ≫ Owncloud Server Version3.0.1
Owncloud ≫ Owncloud Server Version3.0.2
Owncloud ≫ Owncloud Server Version3.0.3
Owncloud ≫ Owncloud Server Version4.0.0
Owncloud ≫ Owncloud Server Version4.0.1
Owncloud ≫ Owncloud Server Version4.0.2
Owncloud ≫ Owncloud Server Version4.0.3
Owncloud ≫ Owncloud Server Version4.0.4
Owncloud ≫ Owncloud Server Version4.0.5
Owncloud ≫ Owncloud Server Version4.0.6
Owncloud ≫ Owncloud Server Version4.0.7
Owncloud ≫ Owncloud Server Version4.0.8
Owncloud ≫ Owncloud Server Version4.0.9
Owncloud ≫ Owncloud Server Version4.5.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.07% | 0.79 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 8 | 6.4 |
AV:N/AC:L/Au:S/C:P/I:P/A:P
|
http://owncloud.org/changelog/
http://secunia.com/advisories/51357
http://www.openwall.com/lists/oss-security/2012/11/30/3
http://owncloud.org/security/advisories/oc-sa-2012-004/
https://github.com/owncloud/core/commit/4619c66
https://github.com/owncloud/core/commit/e8a0cea