RSS   Vulnerabilities for 'Annotations'   RSS

2016-06-07
 
CVE-2015-5723

 

 
Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local users to execute arbitrary PHP code with additional privileges by leveraging an application with the umask set to 0 and that executes cache entries as code.

 

 >>> Vendor: Doctrine-project 11 Products
Doctrine
Doctrine1.2.0
Doctrine1.2.1
Doctrine1.2.2
Doctrine1.2.3
Annotations
Cache
Common
Doctrinemongodbbundle
Mongodb-odm
Object relational mapper


Copyright 2017, cxsecurity.com

 

Back to Top