Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux

CVE-2014-5265
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations without considering recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564..
CVSSv2.0 Score
- Severity
- Medium
- Base Score
- 5/10
- Exploit Score
- 10/10
- Access Vector
- Network
- Access Complexity
- Low
- Authentication Required
- None
- Impact Score
- 2.9/10
- Confidentiality Impact
- None
- Availability Impact
- Partial
- Integrity Impact
- None
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:a:wordpress:wordpress:3.0.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.4.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.6.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.7:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.5.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.0.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.2.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.1.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.3.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.0.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.9.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.7.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.1.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.0.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.6:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.2:beta1:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.3.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.1.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.0.6:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.3.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.8:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.1.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.8.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.5.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.4.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.4.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:wordpress:wordpress:3.0.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* |
Yes
|
- | - |