CVE-2012-5610

Published: Dec 18, 2012

Modified: Sep 17, 2024

PUBLISHED

Description

Incomplete blacklist vulnerability in lib/filesystem.php in ownCloud before 4.0.9 and 4.5.x before 4.5.2 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a special crafted name.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

51357

third-party-advisory

x_refsource_SECUNIA

https://github.com/owncloud/core/commit/f599267

x_refsource_CONFIRM

http://owncloud.org/security/advisories/oc-sa-2012-005/

x_refsource_CONFIRM

[oss-security] 20121130 Re: CVE Request: owncloud

mailing-list

x_refsource_MLIST

http://owncloud.org/changelog/

x_refsource_CONFIRM

https://github.com/owncloud/core/commit/6540c0fc63

x_refsource_CONFIRM

https://github.com/owncloud/core/commit/4b86c43

x_refsource_CONFIRM

https://github.com/owncloud/core/commit/3cd416b667

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-5610

Description

Affected Products

References