Vulnerability CVE-2015-5723


Published: 2016-06-07

Description:
Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local users to execute arbitrary PHP code with additional privileges by leveraging an application with the umask set to 0 and that executes cache entries as code.

Vendor: Debian
Product: Debian linux 
Version: 8.0; 7.0;
Vendor: Doctrine-project
Product: Doctrinemongodbbundle 
Version: 3.0.0;
Product: Common 
Version: 2.5.0; 2.4.2;
Product: Object relational mapper 
Version: 2.5.0; 2.4.7;
Product: Cache 
Version: 1.4.1; 1.4.0; 1.3.1;
Product: Annotations 
Version: 1.2.6;
Product: Mongodb-odm 
Version: 1.0.1;
Vendor: ZEND
Product: Zend-cache 
Version: 2.5.2; 2.5.1; 2.5.0; 2.4.7;
Product: Zend framework 
Version: 2.4.7; 1.12.15;
Product: Zf-apigility-doctrine 
Version: 1.0.2;

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score: 7.2/10
Impact Subscore: 10/10
Exploitability Subscore: 3.9/10
Exploit range: Local
Attack complexity: Low
Authentication: Not required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

References:
http://www.doctrine-project.org/2015/08/31/security_misconfiguration_vulnerability_in_various_doctrine_projects.html
http://www.debian.org/security/2015/dsa-3369
http://framework.zend.com/security/advisory/ZF2015-07

Related CVE
CVE-2018-1000841
Zend.To version Prior to 5.15-1 contains a Cross Site Scripting (XSS) vulnerability in The verify.php page that can result in An attacker could execute arbitrary Javascript code in the context of the victim's browser.. This attack appear to be exploi...
CVE-2018-10230
Zend Debugger in Zend Server before 9.1.3 has XSS, aka ZSR-2455.
CVE-2014-4914
The Zend_Db_Select::order function in Zend Framework before 1.12.7 does not properly handle parentheses, which allows remote attackers to conduct SQL injection attacks via unspecified vectors.
CVE-2015-7503
Zend Framework before 2.4.9, zend-framework/zend-crypt 2.4.x before 2.4.9, and 2.5.x before 2.5.2 allows remote attackers to recover the RSA private key.
CVE-2015-3257
Zend/Diactoros/Uri::filterPath in zend-diactoros before 1.0.4 does not properly sanitize path input, which allows remote attackers to perform cross-site scripting (XSS) or open redirect attacks.
CVE-2015-1555
Zend/Session/SessionManager in Zend Framework 2.2.x before 2.2.9, 2.3.x before 2.3.4 allows remote attackers to create valid sessions without using session validators.
CVE-2015-1786
Cross-site request forgery (CSRF) vulnerability in Zend/Validator/Csrf in Zend Framework 2.3.x before 2.3.6 via null or malformed token identifiers.
CVE-2016-6233
The (1) order and (2) group methods in Zend_Db_Select in the Zend Framework before 1.12.19 might allow remote attackers to conduct SQL injection attacks via vectors related to use of the character pattern [\w]* in a regular expression.

Copyright 2019, cxsecurity.com

 
