Candidate: CVE-2013-2046
PublicDate: 2014-03-09 13:16:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2046
 http://owncloud.org/about/security/advisories/oC-SA-2013-019/
Description:
 SQL injection vulnerability in lib/bookmarks.php in ownCloud Server 4.5.x
 before 4.5.11 and 5.x before 5.0.6 allows remote authenticated users to
 execute arbitrary SQL commands via unspecified vectors.
Ubuntu-Description:
Notes:
 jdstrand> per upstream, 4.5 and higher
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_owncloud:
upstream_owncloud: released (5.0.6)
lucid_owncloud: DNE
precise_owncloud: not-affected
quantal_owncloud: not-affected (4.0.8debian-1.1ubuntu0.1)
raring_owncloud: ignored (reached end-of-life)
saucy_owncloud: not-affected (5.0.10+dfsg-1ubuntu1)
trusty_owncloud: not-affected (6.0.1+dfsg-1ubuntu1)
trusty/esm_owncloud: DNE (trusty was not-affected [6.0.1+dfsg-1ubuntu1])
devel_owncloud: not-affected (6.0.1+dfsg-1ubuntu1)