Lucene search
HistoryJun 04, 2014 - 2:55 p.m.
CVE-2014-2056
phpdocx
owncloud
cve-2014-2056
xxe
xml external entity
security vulnerability
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
77.7%
PHPDocX, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.
Affected configurations
Node
owncloudowncloudRange≤5.0.14a
ORowncloudowncloudMatch5.0.0
ORowncloudowncloudMatch5.0.1
ORowncloudowncloudMatch5.0.2
ORowncloudowncloudMatch5.0.3
ORowncloudowncloudMatch5.0.4
ORowncloudowncloudMatch5.0.5
ORowncloudowncloudMatch5.0.6
ORowncloudowncloudMatch5.0.7
ORowncloudowncloudMatch5.0.8
ORowncloudowncloudMatch5.0.9
ORowncloudowncloudMatch5.0.10
ORowncloudowncloudMatch5.0.11
ORowncloudowncloudMatch5.0.12
ORowncloudowncloudMatch5.0.13
ORowncloudowncloudMatch5.0.14
ORphpdocxphpdocxMatch-
Node
owncloudowncloudMatch6.0.0
ORowncloudowncloudMatch6.0.1
ORphpdocxphpdocxMatch-
Related
ubuntucve
ubuntucve
CVE-2014-2056
2014-06-04 00:00:00
cvelist
cvelist
CVE-2014-2056
2014-06-04 14:00:00
prion
prion
Xxe
2014-06-04 14:55:00
nvd
nvd
CVE-2014-2056
2014-06-04 14:55:04
owncloud
owncloud
Server: XXE in multiple third party components
2014-07-03 02:00:00
XXE in multiple third party components - ownCloud
2014-07-03 18:22:45
openvas
openvas
ownCloud Multiple Vulnerabilities-02 (Jul 2014)
2014-07-03 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
77.7%
Related for CVE-2014-2056