CVE-2014-3838 Information

Description

ownCloud Server before 5.0.16 and 6.0.x before 6.0.3 does not properly check permissions which allows remote authenticated users to read the names of files of other users by leveraging access to multiple accounts.

Reference

http://owncloud.org/about/security/advisories/oc-sa-2014-016/