mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
77 lines
2.5 KiB
JSON
77 lines
2.5 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "secalert@redhat.com",
|
|
"ID": "CVE-2012-5607",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "The \"Lost Password\" reset functionality in ownCloud before 4.0.9 and 4.5.0 does not properly check the security token, which allows remote attackers to change an accounts password via unspecified vectors related to a \"Remote Timing Attack.\""
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "http://owncloud.org/security/advisories/oc-sa-2012-002/",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://owncloud.org/security/advisories/oc-sa-2012-002/"
|
|
},
|
|
{
|
|
"name": "https://github.com/owncloud/core/commit/99cd922",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://github.com/owncloud/core/commit/99cd922"
|
|
},
|
|
{
|
|
"name": "[oss-security] 20121130 Re: CVE Request: owncloud",
|
|
"refsource": "MLIST",
|
|
"url": "http://www.openwall.com/lists/oss-security/2012/11/30/3"
|
|
},
|
|
{
|
|
"name": "http://owncloud.org/changelog/",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://owncloud.org/changelog/"
|
|
}
|
|
]
|
|
}
|
|
} |