CVE-2013-1963 | SynScan

Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2013-1963

The contacts application in ownCloud before 4.5.10 and 5.x before 5.0.5 does not properly check the ownership of contacts, which allows remote authenticated users to download arbitrary contacts via unspecified vectors.

Published: Mar 14, 2014
Updated: Apr 13, 2023
CVE: CVE-2013-1963
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
owncloud / owncloud	5.0.2	5.0.2.x
owncloud / owncloud	5.0.3	5.0.3.x
owncloud / owncloud	4.5.1	4.5.1.x
owncloud / owncloud	4.5.7	4.5.7.x
owncloud / owncloud	-	4.5.9.x
owncloud / owncloud	5.0.0	5.0.0.x
owncloud / owncloud	5.0.1	5.0.1.x
owncloud / owncloud	4.5.0	4.5.0.x
owncloud / owncloud	5.0.4	5.0.4.x
owncloud / owncloud	4.5.2	4.5.2.x
owncloud / owncloud	4.5.4	4.5.4.x
owncloud / owncloud	4.5.8	4.5.8.x
owncloud / owncloud	4.5.3	4.5.3.x
owncloud / owncloud	4.5.5	4.5.5.x
owncloud / owncloud	4.5.6	4.5.6.x

http://owncloud.org/about/security/advisories/oC-SA-2013-018/