Description

The XML_RPC_cd function in lib/pear/XML/RPC.php in Revive Adserver before 3.0.6 allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted XML-RPC request, aka an XML Entity Expansion (XEE) attack.

Remediation

References

CVE-2014-8875

Related Vulnerabilities

WordPress Plugin Pagination by BestWebSoft Cross-Site Scripting (1.0.6)

PleskWin Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4878)

Liferay version older than 7.0

WordPress Plugin Shibboleth Cross-Site Scripting (1.7)

Apache HTTP Server CVE-1999-0070 Vulnerability (CVE-1999-0070)

Severity

Medium

Classification

CVE-2014-8875

Tags

Missing Update Known Vulnerabilities