Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2012-6531

Опубликовано: 13 фев. 2013
Источник: debian
EPSS Низкий

Описание

(1) Zend_Dom, (2) Zend_Feed, and (3) Zend_Soap in Zend Framework 1.x before 1.11.13 and 1.12.x before 1.12.0 do not properly handle SimpleXMLElement classes, which allow remote attackers to read arbitrary files or create TCP connections via an external entity reference in a DOCTYPE element in an XML-RPC request, aka an XML external entity (XXE) injection attack, a different vulnerability than CVE-2012-3363.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
zendframeworkfixed1.11.13-1package

EPSS

Процентиль: 75%
0.00905
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2012-6531

ubuntu
почти 13 лет назад

(1) Zend_Dom, (2) Zend_Feed, and (3) Zend_Soap in Zend Framework 1.x before 1.11.13 and 1.12.x before 1.12.0 do not properly handle SimpleXMLElement classes, which allow remote attackers to read arbitrary files or create TCP connections via an external entity reference in a DOCTYPE element in an XML-RPC request, aka an XML external entity (XXE) injection attack, a different vulnerability than CVE-2012-3363.

nvd логотип

CVE-2012-6531

nvd
почти 13 лет назад

(1) Zend_Dom, (2) Zend_Feed, and (3) Zend_Soap in Zend Framework 1.x before 1.11.13 and 1.12.x before 1.12.0 do not properly handle SimpleXMLElement classes, which allow remote attackers to read arbitrary files or create TCP connections via an external entity reference in a DOCTYPE element in an XML-RPC request, aka an XML external entity (XXE) injection attack, a different vulnerability than CVE-2012-3363.

github логотип

GHSA-h5p3-7mg6-hgj4

github
больше 3 лет назад

Zend Framework XEE Vulnerability

EPSS

Процентиль: 75%
0.00905
Низкий