Description

getID3() before 1.9.8, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.

Remediation

References

CVE-2014-2053

Related Vulnerabilities

WordPress Plugin Google Analytics Counter Tracker PHP Object Injection (3.4.0)

WordPress Plugin Scoutnet Kalender Cross-Site Scripting (1.1.0)

Joomla! Core 3.3.x Security Bypass (3.3.0 - 3.3.3)

WordPress Plugin CSS JS Manager, Async JavaScript, Defer Render Blocking CSS supports WooCommerce Cross-Site Request Forgery (2.4.49)

Atlassian Jira CVE-2020-36237 Vulnerability (CVE-2020-36237)

Severity

High

Classification

CVE-2014-2053

Tags

Missing Update Known Vulnerabilities