8 matches found
Xxe
The getid3 library in MediaWiki before 1.24.1, 1.23.8, 1.22.15 and 1.19.23 allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity XXE attack. NOTE: Related to CVE-2014-2053...
CVE-2014-9487
CVE-2014-9487 involves the getID3 library used by MediaWiki. The flaw enables an XML External Entity (XXE) attack that can cause the system to read arbitrary files, with potential denial of service or other impact. Affected MediaWiki versions are 1.19.23, 1.22.15, 1.23.8, and 1.24.0 prior to 1.24...
[SECURITY] [DLA 56-1] wordpress security update
Package : wordpress Version : 3.6.1+dfsg-1deb6u5 CVE ID : CVE-2014-2053 CVE-2014-5204 CVE-2014-5205 CVE-2014-5240 CVE-2014-5265 CVE-2014-5266 Multiple security issues have been discovered in Wordpress, a web blogging tool, resulting in denial of service or information disclosure. More information...
Potential XXE security issue
improved XXE fix CVE-2014-2053...
Potential XXE security issue
improved XXE fix CVE-2014-2053...
Debian DSA-3001-1 : wordpress - security update
Multiple security issues have been discovered in Wordpress, a web blogging tool, resulting in denial of service or information disclosure. More information can be found in the upstream advisory at https://wordpress.org/news/2014/08/wordpress-3-9-2/. %NASLMINLEVEL 70300 C Tenable Network Security,...
CVE-2014-2053
getID3 before 1.9.8, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity XXE attack...
CVE-2014-2053
CVE-2014-2053 concerns getID3()