Published: 04/06/2014 Updated: 07/01/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

getID3() prior to 1.9.8, as used in ownCloud Server prior to 5.0.15 and 6.0.x prior to 6.0.2, allows remote malicious users to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.

Vulnerable Product	Search on Vulmon	Subscribe to Product
getid3 getid3 1.9.1
getid3 getid3 1.9.0
owncloud owncloud 5.0.14
owncloud owncloud
owncloud owncloud 5.0.2
owncloud owncloud 5.0.9
getid3 getid3 1.9.3
getid3 getid3 1.9.2
owncloud owncloud 5.0.12
owncloud owncloud 5.0.13
owncloud owncloud 5.0.7
owncloud owncloud 5.0.8
getid3 getid3
getid3 getid3 1.9.6
owncloud owncloud 5.0.0
owncloud owncloud 5.0.1
owncloud owncloud 5.0.3
owncloud owncloud 5.0.4
getid3 getid3 1.9.5
getid3 getid3 1.9.4
owncloud owncloud 5.0.10
owncloud owncloud 5.0.11
owncloud owncloud 5.0.5
owncloud owncloud 5.0.6
owncloud owncloud 6.0.0
owncloud owncloud 6.0.1

Multiple security issues have been discovered in Wordpress, a web blogging tool, resulting in denial of service or information disclosure More information can be found in the upstream advisory at wordpressorg/news/2014/08/wordpress-3-9-2/ For the stable distribution (wheezy), these problems have been fixed in version 361+dfsg-1~deb7u4 ...

NVD-CWE-Other http://getid3.sourceforge.net/source/changelog.txt http://owncloud.org/about/security/advisories/oC-SA-2014-006/https://wordpress.org/news/2014/08/wordpress-3-9-2/http://www.debian.org/security/2014/dsa-3001 http://secunia.com/advisories/58002 https://nvd.nist.gov https://www.debian.org/security/./dsa-3001

CVE-2014-2053

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect