Description

The document application in ownCloud Server before 6.0.3 uses sequential values for the file_id, which allows remote authenticated users to enumerate shared files via unspecified vectors.

Remediation

References

CVE-2014-3837

Related Vulnerabilities

Joomla CVE-2017-7988 Vulnerability (CVE-2017-7988)

WordPress Plugin Site Import Remote File Inclusion (1.0.1)

Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1039)

Jenkins Session Fixation Vulnerability (CVE-2018-1000409)

WordPress Plugin Page Builder:PageLayer-Drag and Drop website builder Cross-Site Scripting (1.3.4)

Severity

Medium

Classification

CVE-2014-3837 CWE-264

Tags

Missing Update Known Vulnerabilities