CVE-2013-1967

{"id": "CVE-2013-1967", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2014-02-05T15:10:05.017", "references": [{"url": "http://owncloud.org/about/security/advisories/oC-SA-2013-017", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://seclists.org/oss-sec/2013/q2/111", "source": "secalert@redhat.com"}, {"url": "http://seclists.org/oss-sec/2013/q2/133", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/53079", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=955307", "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83647", "source": "secalert@redhat.com"}, {"url": "https://github.com/johndyer/mediaelement/commit/9223dc6bfc50251a9a3cba0210e71be80fc38ecd", "tags": ["Exploit", "Patch"], "source": "secalert@redhat.com"}, {"url": "https://github.com/johndyer/mediaelement/tree/2.11.1", "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in flashmediaelement.swf in MediaElement.js before 2.11.2, as used in ownCloud Server 5.0.x before 5.0.5 and 4.5.x before 4.5.10, allows remote attackers to inject arbitrary web script or HTML via the file parameter."}, {"lang": "es", "value": "Vulnerabilidad de XSS en flashmediaelement.swf en MediaElement.js anterior a 2.11.2, utilizado en OwnCloud Server 5.0.x anterior a 5.0.5 y 4.5.x anterior a 4.5.10, permite a atacantes remotos inyectar script Web o HTML arbitrario a trav\u00e9s del par\u00e1metro file."}], "lastModified": "2017-08-29T01:33:13.120", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AAA26473-CFC6-47C4-AFE2-3054009C72B1", "versionEndIncluding": "2.11.1"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "240CE762-4A1C-4DA2-B3B2-CA62EE52D0A3"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07E7E16E-4CEE-4A52-BBFB-A6B91F554F24"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF3BBB9D-E51F-45CE-80A2-8C941C61D226"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1DE56777-4889-4EA5-ACCE-30E9BD4160BC"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2661722-5819-4A10-8E20-F55742FC4142"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D578448-06BC-4357-9869-F6A82ADF8454"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61F877B3-EB9D-4EC1-8C41-47AC43D2B4C5"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1917822-5F80-4D6B-B0EC-FBD19D6838B8"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66323183-39E6-4B61-8D02-31BABE830742"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A1A46F6-4BD6-4C4D-BB80-C6F0248EBA43"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D1FD461-CBFA-47B5-AFA9-F53493564CEC"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63CA46F2-D56C-4623-873F-03F76AE0967A"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D48EC6C3-FA37-4EBF-8E5E-3A2642078CE8"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4067F47-07AE-49FD-ABF4-33639E1F82E0"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6982962-AF0F-4FBD-BEFE-684D82155DFA"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB916FFE-72D0-4952-A253-6AE469A390F3"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "688FC4B8-B09F-4F7D-98A5-B58127112588"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F6A45E1-EC36-4E80-8893-8BE16E8FBBD1"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA3BB08E-6D8E-4E38-8899-B464D49FCC6C"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9FEE2BB-48F2-41D5-BB15-C8A999406416"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A486DBC-85B8-4FEA-A353-EB31BEE48FED"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF65E521-43E8-4264-8871-59DA99ECF989"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DBAA10E4-CDBA-4FD5-8651-F7598FA77129"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33CBE52A-ACEA-4111-B3E6-AB1336F171B3"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3AF7654-E0E0-48EC-91BA-806F79391472"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "760B1D50-D216-4931-ACE0-1A1F4C317988"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CE0548B-A35B-431E-B42B-84CAB8E4EC1D"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB61B69A-66B9-4C5C-A16B-1C3F9EEB15DD"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A65BF1E-61C7-4600-A1D0-D41D16A136A7"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4673260C-72A4-4E1F-8762-94A511828701"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEF5E7B9-08F9-40C4-BD4C-F540777BADCE"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "64830A8B-3066-4128-B66B-72EE83B3AEDC"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E92C560A-8541-4E13-8605-D9821E2F2BD8"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "922C630F-B3AE-4FB6-BE62-02D86E71ADF0"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D07ED7E1-44B4-48A1-82B2-8E293E0AB65F"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C35E695A-D051-49C0-8CED-1BF8BBE1DA81"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6BDED28-1792-4B00-816A-F25AA3B63C3A"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFF363EE-4C2C-46C5-91A0-41BEC3C35B5C"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FF4CF6E-0DAC-4F8F-8C26-00261B2A5A86"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81E2112D-E069-43DF-AC97-413833190790"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18B789B0-EA7B-4374-BC57-6889B6734715"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFCB4FBC-DE26-4DFE-BC54-D4D9FBD4A968"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "469C4EF8-269F-4720-A795-EFBD4E416E98"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F5D42F6-7503-4CDE-88D0-CD864B4DDBEC"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FAFAE329-FED7-4605-9412-0EC179052DAD"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F299E7B-91F8-43DA-816A-B57D39578A9A"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72D1457F-B1BD-4F6C-AA9E-25E2C5A6CA5B"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C83BD72-FF91-459C-AB43-535ECF32F356"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4BC3D75-F2D8-4F07-994D-68F6D1BCFA1C"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C91E7FF3-72B0-4259-8251-57E4C8EDA96E"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4B8CB5D-0C8C-48C2-AC35-8892345FC15D"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53EE9E64-AD8E-4977-A4A5-4844F1754A77"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E20C7FBF-A9D5-42B0-A158-A96350F04DB4"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E011E781-BC0D-4F82-990B-D6C3D9399D38"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87334357-BC8E-4D84-80EC-DC4F5875BB76"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44BC2156-5E22-4E91-ACFE-5FED3E243202"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7A207B2-EF39-4B7D-A5CA-7888104A048C"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BFDA2F2-1C4A-4F88-9064-C1B2BED96A86"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6359E2E1-D5E3-447D-AED4-8ECACF519744"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A36FA3C-15AE-451E-8501-EC16BC724B73"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FEFE7414-9B96-4F1D-91C5-CC696EAB9453"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EAF94D01-0957-4813-B7AE-83203C641375"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF0A4102-E5EB-4506-8885-1ED8E4E40D71"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B5C825F-7EEF-41B7-96BF-0422F8362321"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03DBF23C-CFDC-4B45-85A6-308FC2B3B6D5"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA8D9B75-C502-41DF-9BF4-443431B1EC7E"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D0A0BE7-DC7B-4F26-8E76-C91D32B16A39"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.10.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43977908-CF0D-4506-B79D-CB6BBB103202"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.10.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B10A7BBC-ACEF-4688-BC82-8A2A3DA2495C"}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6CC7114-7EAF-4328-8026-11A7C988E379"}, {"criteria": "cpe:2.3:a:owncloud:owncloud:4.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B362D262-CB7A-4987-AD26-406E20DE9BCD"}, {"criteria": "cpe:2.3:a:owncloud:owncloud:4.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC3B9287-AC9F-488B-A6F4-1AC822BBBAE4"}, {"criteria": "cpe:2.3:a:owncloud:owncloud:4.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF01655F-80A2-4A6B-9F30-18E39581F971"}, {"criteria": "cpe:2.3:a:owncloud:owncloud:4.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E08AB56D-506A-4D31-AD83-12A5937393B4"}, {"criteria": "cpe:2.3:a:owncloud:owncloud:4.5.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99D723BA-E386-456D-8BC3-91390798B4B4"}, {"criteria": "cpe:2.3:a:owncloud:owncloud:4.5.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75538474-59FA-444C-865C-7B401A491476"}, {"criteria": "cpe:2.3:a:owncloud:owncloud:4.5.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9852A84C-BAA9-43E7-BD30-D6F5D752502E"}, {"criteria": "cpe:2.3:a:owncloud:owncloud:4.5.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC86F25A-605B-4B1C-8E5A-8022CC59619F"}, {"criteria": "cpe:2.3:a:owncloud:owncloud:4.5.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C77250D-017E-4907-923E-127227EB68CC"}, {"criteria": "cpe:2.3:a:owncloud:owncloud:4.5.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E1583C4C-6501-48ED-BF31-AFCF38C5D59F"}, {"criteria": "cpe:2.3:a:owncloud:owncloud:5.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF826F2B-83E1-4E64-A56C-B564028EBD6A"}, {"criteria": "cpe:2.3:a:owncloud:owncloud:5.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22A19441-2041-45DC-9F59-783C9B1FF9D5"}, {"criteria": "cpe:2.3:a:owncloud:owncloud:5.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43448288-B129-4210-9680-55836869F09F"}, {"criteria": "cpe:2.3:a:owncloud:owncloud:5.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78639CDB-3763-4E71-B4F9-E51E5A261A16"}, {"criteria": "cpe:2.3:a:owncloud:owncloud:5.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8DBE1CE3-7A8D-4C97-8066-F59C346A0494"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}