Candidate: CVE-2014-3834
PublicDate: 2014-06-04 14:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3834
 http://owncloud.org/about/security/advisories/oc-sa-2014-013/
 http://owncloud.org/about/security/advisories/oc-sa-2014-011/
Description:
 ownCloud Server before 6.0.3 does not properly check permissions, which
 allows remote authenticated users to (1) access the contacts of other users
 via the address book or (2) rename files via unspecified vectors.
Ubuntu-Description:
Notes:
 mdeslaur> owncloud packages in Ubuntu are now empty
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_owncloud:
upstream_owncloud: released (6.0.3)
lucid_owncloud: DNE
precise_owncloud: not-affected
saucy_owncloud: not-affected (5.0.12+dfsg-1ubuntu1~saucy1)
trusty_owncloud: not-affected
trusty/esm_owncloud: DNE (trusty was not-affected)
utopic_owncloud: DNE
vivid_owncloud: DNE
wily_owncloud: DNE
devel_owncloud: DNE