Description

The default Flash Cross Domain policies in ownCloud before 5.0.15 and 6.x before 6.0.2 allows remote attackers to access user files via unspecified vectors.

Remediation

References

CVE-2014-2049

Related Vulnerabilities

WordPress Plugin Photoracer 'id' Parameter SQL Injection (1.0)

WordPress Plugin WP-DownloadManager Cross-Site Scripting (1.67)

WordPress Plugin WP Visitor Statistics (Real Time Traffic) SQL Injection (6.8.1)

WebLogic CVE-2018-1257 Vulnerability (CVE-2018-1257)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5335)

Severity

Medium

Classification

CVE-2014-2049 CWE-264

Tags

Missing Update Known Vulnerabilities