Description

SabreDAV before 1.7.11, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.

Remediation

References

CVE-2014-2055

Related Vulnerabilities

WordPress Plugin Appointments Scheduler Cross-Site Scripting (1.5)

WordPress Plugin Wp-FileManager 'ajaxfilemanager.php' Arbitrary File Upload (1.2)

WordPress Plugin WP-Property-WordPress Powered Real Estate and Property Management Information Disclosure (1.38.3.2)

WordPress Plugin Gallery-Video Gallery and Youtube Gallery Cross-Site Scripting (1.2.4)

Oracle Database Server CVE-2009-1020 Vulnerability (CVE-2009-1020)

Severity

High

Classification

CVE-2014-2055

Tags

Missing Update Known Vulnerabilities