Vulnerabilities > CVE-2012-5057 - Unspecified vulnerability in Owncloud

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
owncloud
NVD
Published: 2014-06-04
Updated: 2014-06-04

Summary

CRLF injection vulnerability in ownCloud Server before 4.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the url path parameter. Per: http://cwe.mitre.org/data/definitions/93.html "CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection')"

Vulnerable Configurations

Part Description Count
Application
Owncloud
14

References