CVE-2015-4716

critical

Description

Directory traversal vulnerability in the routing component in ownCloud Server before 7.0.6 and 8.0.x before 8.0.4, when running on Windows, allows remote attackers to reinstall the application or execute arbitrary code via unspecified vectors.

References

https://owncloud.org/security/advisory/?id=oc-sa-2015-006

http://www.securityfocus.com/bid/76159

http://www.debian.org/security/2015/dsa-3373

Details

Source: Mitre, NVD

Published: 2015-10-21

Updated: 2016-12-07

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H