VDB
GCVE-110-MAGEIA-2014-433
GCVE-110-MAGEIA-2014-433
Advisory Published
It was reported that the Zabbix frontend supported an XML data import feature,
where on the server it used DOMDocument to parse the XML. By default,
DOMDocument also parses the external DTD, which could allow a remote attacker
to use a crafted XML file causing Zabbix to read an arbitrary local file, and
send the contents of the specified file to a remote server (CVE-2014-3005).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | zabbix | 0 (affected), 2.0.13-1.mga4 (unaffected) | — |
| Mageia | zabbix | 0 (affected), 2.0.13-1.mga3 (unaffected) | — |
Aliases
References
Browse GCVE Records
73,053 records in the GCVE database · Updated July 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.