|Category:||Debian Local Security Checks|
|Title:||Debian Security Advisory DSA 2602-1 (zendframework - XML external entity inclusion)|
|Summary:||Yury Dyachenko discovered that Zend Framework uses the PHP XML parser;in an insecure way, allowing attackers to open files and trigger HTTP;requests, potentially accessing restricted information.|
Yury Dyachenko discovered that Zend Framework uses the PHP XML parser
in an insecure way, allowing attackers to open files and trigger HTTP
requests, potentially accessing restricted information.
zendframework on Debian Linux
For the stable distribution (squeeze), this problem has been fixed in
For the testing distribution (wheezy), this problem has been fixed in
For the unstable distribution (sid), this problem has been fixed in
We recommend that you upgrade your zendframework packages.
Common Vulnerability Exposure (CVE) ID: CVE-2012-5657|
Debian Security Information: DSA-2602 (Google Search)
|Copyright||Copyright (C) 2013 Greenbone Networks GmbH http://greenbone.net|
|This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.