CVE-2012-5657
02.05.2013, 14:55
The (1) Zend_Feed_Rss and (2) Zend_Feed_Atom classes in Zend_Feed in Zend Framework 1.11.x before 1.11.15 and 1.12.x before 1.12.1 allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, and possibly cause a denial of service (CPU and memory consumption) via an XML External Entity (XXE) attack.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| zend | zend_framework | 1.11.0 |
| zend | zend_framework | 1.11.1 |
| zend | zend_framework | 1.11.2 |
| zend | zend_framework | 1.11.3 |
| zend | zend_framework | 1.11.4 |
| zend | zend_framework | 1.11.5 |
| zend | zend_framework | 1.11.6 |
| zend | zend_framework | 1.11.7 |
| zend | zend_framework | 1.11.8 |
| zend | zend_framework | 1.11.9 |
| zend | zend_framework | 1.11.10 |
| zend | zend_framework | 1.11.11 |
| zend | zend_framework | 1.11.12 |
| zend | zend_framework | 1.11.13 |
| zend | zend_framework | 1.12.0 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| zend-framework |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||
| zendframework |
|
Amazon Linux Releases
Amazon Package | |||
|---|---|---|---|
| php-ZendFramework |
| ||
| php-ZendFramework-Auth-Adapter-Ldap |
| ||
| php-ZendFramework-Cache-Backend-Apc |
| ||
| php-ZendFramework-Cache-Backend-Libmemcached |
| ||
| php-ZendFramework-Cache-Backend-Memcached |
| ||
| php-ZendFramework-Captcha |
| ||
| php-ZendFramework-Db-Adapter-Mysqli |
| ||
| php-ZendFramework-Db-Adapter-Pdo |
| ||
| php-ZendFramework-Db-Adapter-Pdo-Mssql |
| ||
| php-ZendFramework-Db-Adapter-Pdo-Mysql |
| ||
| php-ZendFramework-Db-Adapter-Pdo-Pgsql |
| ||
| php-ZendFramework-Dojo |
| ||
| php-ZendFramework-Feed |
| ||
| php-ZendFramework-Ldap |
| ||
| php-ZendFramework-Pdf |
| ||
| php-ZendFramework-Search-Lucene |
| ||
| php-ZendFramework-Serializer-Adapter-Igbinary |
| ||
| php-ZendFramework-Services |
| ||
| php-ZendFramework-Soap |
| ||
| php-ZendFramework-demos |
| ||
| php-ZendFramework-extras |
| ||
| php-ZendFramework-full |
|
Common Weakness Enumeration
References