CVE-2012-5657
02.05.2013, 14:55
The (1) Zend_Feed_Rss and (2) Zend_Feed_Atom classes in Zend_Feed in Zend Framework 1.11.x before 1.11.15 and 1.12.x before 1.12.1 allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, and possibly cause a denial of service (CPU and memory consumption) via an XML External Entity (XXE) attack.Enginsight
| Vendor | Product | Version |
|---|---|---|
| zend | zend_framework | 1.11.0 |
| zend | zend_framework | 1.11.1 |
| zend | zend_framework | 1.11.2 |
| zend | zend_framework | 1.11.3 |
| zend | zend_framework | 1.11.4 |
| zend | zend_framework | 1.11.5 |
| zend | zend_framework | 1.11.6 |
| zend | zend_framework | 1.11.7 |
| zend | zend_framework | 1.11.8 |
| zend | zend_framework | 1.11.9 |
| zend | zend_framework | 1.11.10 |
| zend | zend_framework | 1.11.11 |
| zend | zend_framework | 1.11.12 |
| zend | zend_framework | 1.11.13 |
| zend | zend_framework | 1.12.0 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| zend-framework |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||
| zendframework |
|
Common Weakness Enumeration
References