XML External Entity (XXE) vulnerability in getID3() before 1.9.8 allows remote attackers to read arbitrary files, cause denial of service, or possibly have other impact

XML External Entity (XXE) vulnerability in getID3() before 1.9.8 allows remote attackers to read arbitrary files, cause denial of service, or possibly have other impact

CVE-2014-2053 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

getID3() before 1.9.8, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.

Learn more about our Cis Benchmark Audit For Server Software.