CyberSec.Space Logo
CVEブラウザに戻る

CVE-2015-4716

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0870%
EPSS Percentile26.24th
Published2015年10月21日
Last Modified2026年5月6日

Vulnerability Description

Directory traversal vulnerability in the routing component in ownCloud Server before 7.0.6 and 8.0.x before 8.0.4, when running on Windows, allows remote attackers to reinstall the application or execute arbitrary code via unspecified vectors.

Affected Platforms (CPE)

📦
Owncloud

Owncloud

<= 7.0.5
📦
Owncloud

Owncloud Server

= 8.0.0
📦
Owncloud

Owncloud Server

= 8.0.2
📦
Owncloud

Owncloud Server

= 8.0.3
💻
Microsoft

Windows

All versions

References & Advisories

🔗 http://www.debian.org/security/2015/dsa-3373
🔗 http://www.securityfocus.com/bid/76159
🔗 https://owncloud.org/security/advisory/?id=oc-sa-2015-006
🔗 http://www.debian.org/security/2015/dsa-3373
🔗 http://www.securityfocus.com/bid/76159
🔗 https://owncloud.org/security/advisory/?id=oc-sa-2015-006

関連する脆弱性情報

CVE-2014-20489.8

The user_openid app in ownCloud Server before 5.0.15 allows remote attackers to obtain access by leveraging an insecure OpenID imp...

CVE-2019-253379.8

OwnCloud 8.1.8 contains a username enumeration vulnerability that allows remote attackers to discover user accounts by manipulatin...

CVE-2021-359469.8

A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the permissions and the...

CVE-2014-20529.8

Zend Framework, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, ...