Candidate: CVE-2013-1963
PublicDate: 2014-03-14 16:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1963
 http://www.openwall.com/lists/oss-security/2013/04/21/2
 https://owncloud.org/about/security/advisories/oC-SA-2013-018/
Description:
 The contacts application in ownCloud before 4.5.10 and 5.x before 5.0.5
 does not properly check the ownership of contacts, which allows remote
 authenticated users to download arbitrary contacts via unspecified vectors.
Ubuntu-Description:
Notes:
 jdstrand> Per upstream, only 5.x and 4.5.x affected
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_owncloud:
upstream_owncloud: released (5.0.5)
hardy_owncloud: DNE
lucid_owncloud: DNE
oneiric_owncloud: not-affected
precise_owncloud: not-affected
quantal_owncloud: not-affected (4.0.8debian-1.1ubuntu0.1)
raring_owncloud: ignored (reached end-of-life)
saucy_owncloud: not-affected (5.0.10+dfsg-1ubuntu1)
trusty_owncloud: not-affected (6.0.1+dfsg-1ubuntu1)
trusty/esm_owncloud: DNE (trusty was not-affected [6.0.1+dfsg-1ubuntu1])
devel_owncloud: not-affected (6.0.1+dfsg-1ubuntu1)