DSA-3244-1 owncloud -- owncloudID: oval:org.secpod.oval:def:602060 | Date: (C)2015-05-11 (M)2021-06-02 |
Class: PATCH | Family: unix |
Multiple vulnerabilities were discovered in ownCloud, a cloud storage web service for files, music, contacts, calendars and many more. CVE-2015-3011 Hugh Davenport discovered that the contacts application shipped with ownCloud is vulnerable to multiple stored cross-site scripting attacks. This vulnerability is effectively exploitable in any browser. CVE-2015-3012 Roy Jansen discovered that the documents application shipped with ownCloud is vulnerable to multiple stored cross-site scripting attacks. This vulnerability is not exploitable in browsers that support the current CSP standard. CVE-2015-3013 Lukas Reschke discovered a blacklist bypass vulnerability, allowing authenticated remote attackers to bypass the file blacklist and upload files such as the .htaccess files. An attacker could leverage this bypass by uploading a .htaccess and execute arbitrary PHP code if the /data/ directory is stored inside the web root and a web server that interprets .htaccess files is used. On default Debian installations the data directory is outside of the web root and thus this vulnerability is not exploitable by default.