CVE-2014-3834 Information

Description

ownCloud Server before 6.0.3 does not properly check permissions which allows remote authenticated users to (1) access the contacts of other users via the address book or (2) rename files via unspecified vectors.

Reference

http://owncloud.org/about/security/advisories/oc-sa-2014-011/ http://owncloud.org/about/security/advisories/oc-sa-2014-013/