5
CVSSv2

CVE-2014-5265

Published: 18/08/2014 Updated: 21/11/2024

Vulnerability Summary

The Incutio XML-RPC (IXR) Library, as used in WordPress prior to 3.9.2 and Drupal 6.x prior to 6.33 and 7.x prior to 7.31, permits entity declarations without considering recursion during entity expansion, which allows remote malicious users to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

wordpress wordpress

wordpress wordpress 3.0

wordpress wordpress 3.0.1

wordpress wordpress 3.0.2

wordpress wordpress 3.0.3

wordpress wordpress 3.0.4

wordpress wordpress 3.0.5

wordpress wordpress 3.0.6

wordpress wordpress 3.1

wordpress wordpress 3.1.1

wordpress wordpress 3.1.2

wordpress wordpress 3.1.3

wordpress wordpress 3.1.4

wordpress wordpress 3.2

wordpress wordpress 3.2.1

wordpress wordpress 3.3

wordpress wordpress 3.3.1

wordpress wordpress 3.3.2

wordpress wordpress 3.3.3

wordpress wordpress 3.4.0

wordpress wordpress 3.4.1

wordpress wordpress 3.4.2

wordpress wordpress 3.5.0

wordpress wordpress 3.5.1

wordpress wordpress 3.6

wordpress wordpress 3.6.1

wordpress wordpress 3.7

wordpress wordpress 3.7.1

wordpress wordpress 3.8

wordpress wordpress 3.8.1

wordpress wordpress 3.9.0

drupal drupal 6.0

drupal drupal 6.1

drupal drupal 6.2

drupal drupal 6.3

drupal drupal 6.4

drupal drupal 6.5

drupal drupal 6.6

drupal drupal 6.7

drupal drupal 6.8

drupal drupal 6.9

drupal drupal 6.10

drupal drupal 6.11

drupal drupal 6.12

drupal drupal 6.13

drupal drupal 6.14

drupal drupal 6.15

drupal drupal 6.16

drupal drupal 6.17

drupal drupal 6.18

drupal drupal 6.19

drupal drupal 6.20

drupal drupal 6.21

drupal drupal 6.22

drupal drupal 6.23

drupal drupal 6.24

drupal drupal 6.25

drupal drupal 6.26

drupal drupal 6.27

drupal drupal 6.28

drupal drupal 6.29

drupal drupal 6.30

drupal drupal 6.31

drupal drupal 6.32

drupal drupal 7.0

drupal drupal 7.1

drupal drupal 7.2

drupal drupal 7.3

drupal drupal 7.4

drupal drupal 7.5

drupal drupal 7.6

drupal drupal 7.7

drupal drupal 7.8

drupal drupal 7.9

drupal drupal 7.10

drupal drupal 7.11

drupal drupal 7.12

drupal drupal 7.13

drupal drupal 7.14

drupal drupal 7.15

drupal drupal 7.16

drupal drupal 7.17

drupal drupal 7.18

drupal drupal 7.19

drupal drupal 7.20

drupal drupal 7.21

drupal drupal 7.22

drupal drupal 7.23

drupal drupal 7.24

drupal drupal 7.25

drupal drupal 7.26

drupal drupal 7.27

drupal drupal 7.28

drupal drupal 7.29

drupal drupal 7.30

drupal drupal 7.x-dev

debian debian linux 7.0

Vendor Advisories

Multiple security issues have been discovered in Wordpress, a web blogging tool, resulting in denial of service or information disclosure More information can be found in the upstream advisory at wordpressorg/news/2014/08/wordpress-3-9-2/ For the stable distribution (wheezy), these problems have been fixed in version 361+dfsg-1~deb7u4 ...