ID CVE-2014-2053
Summary getID3() before 1.9.8, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.
References
Vulnerable Configurations
  • getid3 1.9.7
    cpe:2.3:a:getid3:getid3:1.9.7
  • getid3 1.9.6
    cpe:2.3:a:getid3:getid3:1.9.6
  • getid3 1.9.5
    cpe:2.3:a:getid3:getid3:1.9.5
  • getid3 1.9.4b1
    cpe:2.3:a:getid3:getid3:1.9.4:b1
  • getid3 1.9.3
    cpe:2.3:a:getid3:getid3:1.9.3
  • getid3 1.9.2
    cpe:2.3:a:getid3:getid3:1.9.2
  • getid3 1.9.1
    cpe:2.3:a:getid3:getid3:1.9.1
  • getid3 1.9.0
    cpe:2.3:a:getid3:getid3:1.9.0
  • ownCloud 5.0.0
    cpe:2.3:a:owncloud:owncloud:5.0.0
  • ownCloud 5.0.1
    cpe:2.3:a:owncloud:owncloud:5.0.1
  • ownCloud 5.0.10
    cpe:2.3:a:owncloud:owncloud:5.0.10
  • ownCloud 5.0.11
    cpe:2.3:a:owncloud:owncloud:5.0.11
  • ownCloud 5.0.12
    cpe:2.3:a:owncloud:owncloud:5.0.12
  • ownCloud 5.0.13
    cpe:2.3:a:owncloud:owncloud:5.0.13
  • ownCloud 5.0.14
    cpe:2.3:a:owncloud:owncloud:5.0.14
  • ownCloud 5.0.14a
    cpe:2.3:a:owncloud:owncloud:5.0.14:a
  • ownCloud 5.0.2
    cpe:2.3:a:owncloud:owncloud:5.0.2
  • ownCloud 5.0.3
    cpe:2.3:a:owncloud:owncloud:5.0.3
  • ownCloud 5.0.4
    cpe:2.3:a:owncloud:owncloud:5.0.4
  • ownCloud 5.0.5
    cpe:2.3:a:owncloud:owncloud:5.0.5
  • ownCloud 5.0.6
    cpe:2.3:a:owncloud:owncloud:5.0.6
  • ownCloud 5.0.7
    cpe:2.3:a:owncloud:owncloud:5.0.7
  • ownCloud 5.0.8
    cpe:2.3:a:owncloud:owncloud:5.0.8
  • ownCloud 5.0.9
    cpe:2.3:a:owncloud:owncloud:5.0.9
  • getid3 1.9.7
    cpe:2.3:a:getid3:getid3:1.9.7
  • getid3 1.9.6
    cpe:2.3:a:getid3:getid3:1.9.6
  • getid3 1.9.5
    cpe:2.3:a:getid3:getid3:1.9.5
  • getid3 1.9.4b1
    cpe:2.3:a:getid3:getid3:1.9.4:b1
  • getid3 1.9.3
    cpe:2.3:a:getid3:getid3:1.9.3
  • getid3 1.9.2
    cpe:2.3:a:getid3:getid3:1.9.2
  • getid3 1.9.1
    cpe:2.3:a:getid3:getid3:1.9.1
  • getid3 1.9.0
    cpe:2.3:a:getid3:getid3:1.9.0
  • ownCloud 6.0.0
    cpe:2.3:a:owncloud:owncloud:6.0.0
  • ownCloud 6.0.1
    cpe:2.3:a:owncloud:owncloud:6.0.1
CVSS
Base: 7.5 (as of 04-06-2014 - 14:28)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3001.NASL
    description Multiple security issues have been discovered in Wordpress, a web blogging tool, resulting in denial of service or information disclosure. More information can be found in the upstream advisory at https://wordpress.org/news/2014/08/wordpress-3-9-2/.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 77102
    published 2014-08-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77102
    title Debian DSA-3001-1 : wordpress - security update
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-56.NASL
    description Multiple security issues have been discovered in Wordpress, a web blogging tool, resulting in denial of service or information disclosure. More information can be found in the upstream advisory at https://wordpress.org/news/2014/08/wordpress-3-9-2/ NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-06
    plugin id 82202
    published 2015-03-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82202
    title Debian DLA-56-1 : wordpress security update
  • NASL family CGI abuses
    NASL id WORDPRESS_3_9_2.NASL
    description According to its version number, the WordPress application hosted on the remote web server is affected by multiple vulnerabilities : - An XML injection flaw exists within 'getid3.lib.php' due to the parser accepting XML external entities from untrusted sources. Using specially crafted XML data, a remote attacker could access sensitive information or cause a denial of service. This affects versions 3.6 - 3.9.1, except 3.7.4 and 3.8.4. - An XML injection flaw exists within 'xmlrpc.php' due to the parser accepting XML internal entities without properly validating them. Using specially crafted XML data, a remote attacker could cause a denial of service. This affects versions 1.5 - 3.9.1, except 3.7.4 and 3.8.4. - An unsafe serialization flaw exists in the script '/src/wp-includes/class-wp-customize-widgets.php' when processing widgets. This could allow a remote attacker to execute arbitrary code. Versions 3.9 and 3.9.1 non-default configurations are affected. - A flaw exists when building CSRF tokens due to it not separating pieces by delimiter and not comparing nonces in a time-constant manner. This could allow a remote attacker to conduct a brute force attack and potentially disclose the CSRF token. This affects versions 2.0.3 - 3.9.1, except 3.7.4 and 3.8.4. - A cross-site scripting flaw exists in the function 'get_avatar' within the '/src/wp-includes/pluggable.php' script where input from the avatars is not validated before returning it to the user. Using a specially crafted request, an authenticated attacker could execute arbitrary script code within the browser / server trust relationship. This affects version 3.9.1. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 77157
    published 2014-08-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77157
    title WordPress < 3.7.4 / 3.8.4 / 3.9.2 Multiple Vulnerabilities
refmap via4
confirm
debian DSA-3001
secunia 58002
Last major update 06-01-2017 - 21:59
Published 04-06-2014 - 10:55
Back to Top