CVE-2017-5867

Name of the Vulnerable Software and Affected Versions ownCloud Server versions prior to 8.1.11 ownCloud Server versions 8.2.x prior to 8.2.9 ownCloud Server versions 9.0.x prior to 9.0.7 ownCloud Server versions 9.1.x prior to 9.1.3

Description The issue allows remote authenticated users to cause a denial of service, resulting in a server hang and logfile flooding, by utilizing a one-bit BMP file.

Recommendations For ownCloud Server versions prior to 8.1.11, update to version 8.1.11 or later. For ownCloud Server versions 8.2.x prior to 8.2.9, update to version 8.2.9 or later. For ownCloud Server versions 9.0.x prior to 9.0.7, update to version 9.0.7 or later. For ownCloud Server versions 9.1.x prior to 9.1.3, update to version 9.1.3 or later.