CVE-2016-7102

HIGH

owncloud_desktop_client < 2.2.2 - Local Code Execution via Trojan Library in Special Path

Title source: llm
STIX 2.1

Description

ownCloud Desktop before 2.2.3 allows local users to execute arbitrary code and possibly gain privileges via a Trojan library in a "special path" in the C: drive.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/92627
Vendor Advisory x_refsource_confirm
https://owncloud.org/security/advisory/?id=oc-sa-2016-016

Scores

CVSS v3 8.4
EPSS 0.0017
EPSS Percentile 37.5%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-94
Status published
Products (1)
owncloud/owncloud_desktop_client < 2.2.2
Published Jan 23, 2017
Tracked Since Feb 18, 2026