Описание
Multiple buffer overflows in the (a) Session Clustering Daemon and the (b) mod_cluster module in the Zend Platform 2.2.1 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a (1) empty or (2) crafted PHP session identifier (PHPSESSID).
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.2.1a (включая)
cpe:2.3:a:zend:zend_platform:*:a:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04556
Низкий
7.5 High
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Multiple buffer overflows in the (a) Session Clustering Daemon and the (b) mod_cluster module in the Zend Platform 2.2.1 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a (1) empty or (2) crafted PHP session identifier (PHPSESSID).
EPSS
Процентиль: 89%
0.04556
Низкий
7.5 High
CVSS2
Дефекты
CWE-119