Candidate: CVE-2013-2202
PublicDate: 2013-07-08 20:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2202
 http://codex.wordpress.org/Version_3.5.2
Description:
 WordPress before 3.5.2 allows remote attackers to read arbitrary files via
 an oEmbed XML provider response containing an external entity declaration
 in conjunction with an entity reference, related to an XML External Entity
 (XXE) issue.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=713947
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_wordpress:
upstream_wordpress: released (3.5.2+dfsg-1)
lucid_wordpress: ignored (reached end-of-life)
precise_wordpress: ignored (reached end-of-life)
precise/esm_wordpress: DNE (precise was needs-triage)
quantal_wordpress: ignored (reached end-of-life)
raring_wordpress: ignored (reached end-of-life)
saucy_wordpress: not-affected (3.5.2+dfsg-1)
trusty_wordpress: not-affected (3.5.2+dfsg-1)
trusty/esm_wordpress: DNE (trusty was not-affected [3.5.2+dfsg-1])
utopic_wordpress: not-affected (3.5.2+dfsg-1)
vivid_wordpress: not-affected (3.5.2+dfsg-1)
vivid/stable-phone-overlay_wordpress: DNE
vivid/ubuntu-core_wordpress: DNE
wily_wordpress: not-affected (3.5.2+dfsg-1)
xenial_wordpress: not-affected (3.5.2+dfsg-1)
yakkety_wordpress: not-affected (3.5.2+dfsg-1)
zesty_wordpress: not-affected (3.5.2+dfsg-1)
devel_wordpress: not-affected (3.5.2+dfsg-1)