Medium severity6.5NVD Advisory· Published Mar 3, 2017· Updated May 13, 2026

CVE-2017-5867

Description

ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows remote authenticated users to cause a denial of service (server hang and logfile flooding) via a one bit BMP file.

Affected products

OwnCloud/Owncloud20 versions
cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*+ 19 more
- cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*range: <=8.1.10
- cpe:2.3:a:owncloud:owncloud:8.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:owncloud:owncloud:8.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:owncloud:owncloud:8.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:owncloud:owncloud:8.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:owncloud:owncloud:8.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:owncloud:owncloud:8.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:owncloud:owncloud:8.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:owncloud:owncloud:8.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:owncloud:owncloud:8.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:owncloud:owncloud:9.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:owncloud:owncloud:9.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:owncloud:owncloud:9.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:owncloud:owncloud:9.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:owncloud:owncloud:9.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:owncloud:owncloud:9.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:owncloud:owncloud:9.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:owncloud:owncloud:9.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:owncloud:owncloud:9.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:owncloud:owncloud:9.1.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

owncloud.org/security/advisory/nvdPatchVendor Advisory
www.securityfocus.com/bid/96430nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000