CVE-2012-5657 in Zend Frameworkinfo

Zusammenfassung (Englisch)

The (1) Zend_Feed_Rss and (2) Zend_Feed_Atom classes in Zend_Feed in Zend Framework 1.11.x before 1.11.15 and 1.12.x before 1.12.1 allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, and possibly cause a denial of service (CPU and memory consumption) via an XML External Entity (XXE) attack.

Reservieren

24.10.2012

Veröffentlichung

02.05.2013

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
7186	Zend Framework Zend_Feed_Rss XXE Information Disclosure	200	Proof-of-Concept	Offizieller Fix	CVE-2012-5657
7185	Zend Framework import Information Disclosure	200	Proof-of-Concept	Offizieller Fix	CVE-2012-5657

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

◂ ZurückÜbersichtWeiter ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!