Description

getID3() before 1.9.8, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.

Remediation

References

CVE-2014-2053

Related Vulnerabilities

WordPress Plugin spideranalyse Cross-Site Scripting (0.0.1)

WordPress Plugin Meow Gallery (+ Gallery Block) Security Bypass (4.1.9)

PostgreSQL Other Vulnerability (CVE-2006-2314)

Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8142)

WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.14)

Severity

High

Classification

CVE-2014-2053

Tags

Missing Update Known Vulnerabilities