NVD

Id
24956  
Name
CVE-2015-3013  
Description
ownCloud Server before 5.0.19, 6.x before 6.0.7, and 7.x before 7.0.5 allows remote authenticated users to bypass the file blacklist and upload arbitrary files via a file path with UTF-8 encoding, as demonstrated by uploading a .htaccess file.  
Reject
 
CVSS Version
2  
CVSS Score
6  
Severity
Medium  
CVSS Base Score
6  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
6.8  
CVSS Vector
(AV:N/AC:M/Au:S/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2015-05-08  
Modified Date
2017-01-02  
Seq
2015-3013  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
131593 24956 CVE-2015-3013 DSA-3244  View
131594 24956 CVE-2015-3013 74451  View
131595 24956 CVE-2015-3013 https://owncloud.org/security/advisory/?id=oc-sa-2015-003  View
131596 24956 CVE-2015-3013 https://owncloud.org/security/advisory/?id=oc-sa-2015-004  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
7234 JVNDB-2015-002554 ownCloud Server におけるファイルのブラックリストを回避される脆弱性 ownCloud Server には、ファイルのブラックリストを回避され、任意のファイルをアップロードされる脆弱性が存在します。 CVE-2015-3013 80238 CVE-2015-3013 24956 6 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-002554.html 2015-03-25 2015-05-12 View