Description

getID3() before 1.9.8, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.

Remediation

References

CVE-2014-2053

Related Vulnerabilities

OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0704)

WordPress Other Vulnerability (CVE-2007-3543)

Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-7913)

ProjectSend Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2018-7201)

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2112)

Severity

High

Classification

CVE-2014-2053

Tags

Missing Update Known Vulnerabilities