1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
Candidate: CVE-2012-0203
PublicDate: 2013-01-31
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0203
http://www.openwall.com/lists/oss-security/2013/01/22
http://owncloud.org/about/security/advisories/oC-SA-2013-001/
Description:
Cross-site scripting (XSS) vulnerability in InfoSphere Metadata Workbench
(MWB) 8.1 through 8.7 in IBM InfoSphere Information Server 8.1, 8.5 before
FP3, and 8.7 allows remote attackers to inject arbitrary web script or HTML
via unspecified vectors.
Ubuntu-Description:
Notes:
mdeslaur> owncloud packages in Ubuntu are now empty
sarnold> I don't know which git tree is meant, but fixes are in commits
sarnold> 708bd and 3f37063
Bugs:
Priority: medium
Discovered-by: Frans Rosén
Assigned-to:
Patches_owncloud:
upstream_owncloud: released (4.0.11, 4.5.6)
hardy_owncloud: DNE
lucid_owncloud: DNE
oneiric_owncloud: ignored (reached end-of-life)
precise_owncloud: not-affected
quantal_owncloud: ignored (reached end-of-life)
raring_owncloud: ignored (reached end-of-life)
saucy_owncloud: ignored (reached end-of-life)
trusty_owncloud: not-affected
utopic_owncloud: DNE
vivid_owncloud: DNE
wily_owncloud: DNE
devel_owncloud: DNE
|