Published: 26/01/2014 Updated: 29/08/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

XML External Entity (XXE) vulnerability in MARC::File::XML module prior to 1.0.2 for Perl, as used in Evergreen, Koha, perl4lib, and possibly other products, allows context-dependent malicious users to read arbitrary files via a crafted XML file.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

galen charlton marc-xml 1.0

galen charlton marc-xml

Vendor Advisories

Debian Bug report logs - #736275 libmarc-xml-perl: CVE-2014-1626: XML External Entity privilege escalation Package: libmarc-xml-perl; Maintainer for libmarc-xml-perl is Debian Perl Group <pkg-perl-maintainers@listsaliothdebianorg>; Source for libmarc-xml-perl is src:libmarc-xml-perl (PTS, buildd, popcon) Reported by: Salv ...