CVE-2014-9046 Information

Description

The OC_Util::getUrlContent function in ownCloud Server before 5.0.18 6.x before 6.0.6 and 7.x before 7.0.3 allows remote attackers to read arbitrary files via a file:// protocol.

Reference

https://owncloud.org/security/advisory/?id=oc-sa-2014-023