ownCloud Dekstop Client 1.4.0

CPE Details

ownCloud Dekstop Client 1.4.0
owncloud
owncloud_desktop_client
1.4.0
2018-06-13
13h03 +00:00
2021-04-09
16h06 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:owncloud:owncloud_desktop_client:1.4.0:*:*:*:*:*:*:*

Informations

Vendor

owncloud

Product

owncloud_desktop_client

Version

1.4.0

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-44537 2022-01-15 19h51 +00:00 ownCloud owncloud/client before 2.9.2 allows Resource Injection by a server into the desktop client via a URL, leading to remote code execution.
7.8
Haute
CVE-2020-28646 2021-02-26 13h51 +00:00 ownCloud owncloud/client before 2.7 allows DLL Injection. The desktop client loaded development plugins from certain directories when they were present.
7.8
Haute
CVE-2016-7102 2017-01-23 20h00 +00:00 ownCloud Desktop before 2.2.3 allows local users to execute arbitrary code and possibly gain privileges via a Trojan library in a "special path" in the C: drive.
8.4
Haute
CVE-2015-4456 2015-10-26 13h00 +00:00 ownCloud Desktop Client before 1.8.2 does not call QNetworkReply::ignoreSslErrors with the list of errors to be ignored, which allows man-in-the-middle attackers to bypass the user's certificate distrust decision and obtain sensitive information by leveraging a self-signed certificate and a connection to a server using its own self-signed certificate.
2.6
CVE-2015-7298 2015-10-26 13h00 +00:00 ownCloud Desktop Client before 2.0.1, when compiled with a Qt release after 5.3.x, does not call QNetworkReply::ignoreSslErrors with the list of errors to be ignored, which makes it easier for remote attackers to conduct man-in-the-middle (MITM) attacks by leveraging a server using a self-signed certificate. NOTE: this vulnerability exists because of a partial CVE-2015-4456 regression.
5.1