The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations without considering recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
2014-08-18T11:15:27.433
2025-04-12T10:46:40.837
Deferred
CVSSv2: 5.0 (MEDIUM)
AV:N/AC:L/Au:N/C:N/I:N/A:P
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | wordpress | wordpress | ≤ 3.9.1 | Yes |
| Application | wordpress | wordpress | 3.0 | Yes |
| Application | wordpress | wordpress | 3.0.1 | Yes |
| Application | wordpress | wordpress | 3.0.2 | Yes |
| Application | wordpress | wordpress | 3.0.3 | Yes |
| Application | wordpress | wordpress | 3.0.4 | Yes |
| Application | wordpress | wordpress | 3.0.5 | Yes |
| Application | wordpress | wordpress | 3.0.6 | Yes |
| Application | wordpress | wordpress | 3.1 | Yes |
| Application | wordpress | wordpress | 3.1.1 | Yes |
| Application | wordpress | wordpress | 3.1.2 | Yes |
| Application | wordpress | wordpress | 3.1.3 | Yes |
| Application | wordpress | wordpress | 3.1.4 | Yes |
| Application | wordpress | wordpress | 3.2 | Yes |
| Application | wordpress | wordpress | 3.2 | Yes |
| Application | wordpress | wordpress | 3.2.1 | Yes |
| Application | wordpress | wordpress | 3.3 | Yes |
| Application | wordpress | wordpress | 3.3.1 | Yes |
| Application | wordpress | wordpress | 3.3.2 | Yes |
| Application | wordpress | wordpress | 3.3.3 | Yes |
| Application | wordpress | wordpress | 3.4.0 | Yes |
| Application | wordpress | wordpress | 3.4.1 | Yes |
| Application | wordpress | wordpress | 3.4.2 | Yes |
| Application | wordpress | wordpress | 3.5.0 | Yes |
| Application | wordpress | wordpress | 3.5.1 | Yes |
| Application | wordpress | wordpress | 3.6 | Yes |
| Application | wordpress | wordpress | 3.6.1 | Yes |
| Application | wordpress | wordpress | 3.7 | Yes |
| Application | wordpress | wordpress | 3.7.1 | Yes |
| Application | wordpress | wordpress | 3.8 | Yes |
| Application | wordpress | wordpress | 3.8.1 | Yes |
| Application | wordpress | wordpress | 3.9.0 | Yes |
| Application | drupal | drupal | 6.0 | Yes |
| Application | drupal | drupal | 6.0 | Yes |
| Application | drupal | drupal | 6.0 | Yes |
| Application | drupal | drupal | 6.0 | Yes |
| Application | drupal | drupal | 6.0 | Yes |
| Application | drupal | drupal | 6.0 | Yes |
| Application | drupal | drupal | 6.0 | Yes |
| Application | drupal | drupal | 6.0 | Yes |
| Application | drupal | drupal | 6.0 | Yes |
| Application | drupal | drupal | 6.0 | Yes |
| Application | drupal | drupal | 6.1 | Yes |
| Application | drupal | drupal | 6.2 | Yes |
| Application | drupal | drupal | 6.3 | Yes |
| Application | drupal | drupal | 6.4 | Yes |
| Application | drupal | drupal | 6.5 | Yes |
| Application | drupal | drupal | 6.6 | Yes |
| Application | drupal | drupal | 6.7 | Yes |
| Application | drupal | drupal | 6.8 | Yes |
| Application | drupal | drupal | 6.9 | Yes |
| Application | drupal | drupal | 6.10 | Yes |
| Application | drupal | drupal | 6.11 | Yes |
| Application | drupal | drupal | 6.12 | Yes |
| Application | drupal | drupal | 6.13 | Yes |
| Application | drupal | drupal | 6.14 | Yes |
| Application | drupal | drupal | 6.15 | Yes |
| Application | drupal | drupal | 6.16 | Yes |
| Application | drupal | drupal | 6.17 | Yes |
| Application | drupal | drupal | 6.18 | Yes |
| Application | drupal | drupal | 6.19 | Yes |
| Application | drupal | drupal | 6.20 | Yes |
| Application | drupal | drupal | 6.21 | Yes |
| Application | drupal | drupal | 6.22 | Yes |
| Application | drupal | drupal | 6.23 | Yes |
| Application | drupal | drupal | 6.24 | Yes |
| Application | drupal | drupal | 6.25 | Yes |
| Application | drupal | drupal | 6.26 | Yes |
| Application | drupal | drupal | 6.27 | Yes |
| Application | drupal | drupal | 6.28 | Yes |
| Application | drupal | drupal | 6.29 | Yes |
| Application | drupal | drupal | 6.30 | Yes |
| Application | drupal | drupal | 6.31 | Yes |
| Application | drupal | drupal | 6.32 | Yes |
| Application | drupal | drupal | 7.0 | Yes |
| Application | drupal | drupal | 7.0 | Yes |
| Application | drupal | drupal | 7.0 | Yes |
| Application | drupal | drupal | 7.0 | Yes |
| Application | drupal | drupal | 7.0 | Yes |
| Application | drupal | drupal | 7.0 | Yes |
| Application | drupal | drupal | 7.0 | Yes |
| Application | drupal | drupal | 7.0 | Yes |
| Application | drupal | drupal | 7.0 | Yes |
| Application | drupal | drupal | 7.0 | Yes |
| Application | drupal | drupal | 7.0 | Yes |
| Application | drupal | drupal | 7.0 | Yes |
| Application | drupal | drupal | 7.0 | Yes |
| Application | drupal | drupal | 7.0 | Yes |
| Application | drupal | drupal | 7.0 | Yes |
| Application | drupal | drupal | 7.0 | Yes |
| Application | drupal | drupal | 7.1 | Yes |
| Application | drupal | drupal | 7.2 | Yes |
| Application | drupal | drupal | 7.3 | Yes |
| Application | drupal | drupal | 7.4 | Yes |
| Application | drupal | drupal | 7.5 | Yes |
| Application | drupal | drupal | 7.6 | Yes |
| Application | drupal | drupal | 7.7 | Yes |
| Application | drupal | drupal | 7.8 | Yes |
| Application | drupal | drupal | 7.9 | Yes |
| Application | drupal | drupal | 7.10 | Yes |
| Application | drupal | drupal | 7.11 | Yes |
| Application | drupal | drupal | 7.12 | Yes |
| Application | drupal | drupal | 7.13 | Yes |
| Application | drupal | drupal | 7.14 | Yes |
| Application | drupal | drupal | 7.15 | Yes |
| Application | drupal | drupal | 7.16 | Yes |
| Application | drupal | drupal | 7.17 | Yes |
| Application | drupal | drupal | 7.18 | Yes |
| Application | drupal | drupal | 7.19 | Yes |
| Application | drupal | drupal | 7.20 | Yes |
| Application | drupal | drupal | 7.21 | Yes |
| Application | drupal | drupal | 7.22 | Yes |
| Application | drupal | drupal | 7.23 | Yes |
| Application | drupal | drupal | 7.24 | Yes |
| Application | drupal | drupal | 7.25 | Yes |
| Application | drupal | drupal | 7.26 | Yes |
| Application | drupal | drupal | 7.27 | Yes |
| Application | drupal | drupal | 7.28 | Yes |
| Application | drupal | drupal | 7.29 | Yes |
| Application | drupal | drupal | 7.30 | Yes |
| Application | drupal | drupal | 7.x-dev | Yes |
| Operating System | debian | debian_linux | 7.0 | Yes |