Session fixation vulnerability in ownCloud before 6.0.2, when PHP is configured to accept session parameters through a GET request, allows remote attackers to hijack web sessions via unspecified vectors.
References
Link | Resource |
---|---|
http://owncloud.org/about/security/advisories/oC-SA-2014-001/ | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2014-03-14T16:00:00
Updated: 2014-03-14T15:57:01
Reserved: 2014-02-19T00:00:00
Link: CVE-2014-2047
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-03-14T16:55:05.613
Modified: 2014-03-25T19:36:46.027
Link: CVE-2014-2047
JSON object: View
Redhat Information
No data.
CWE