CVE-2015-5161

Severity

68%

Complexity

86%

Confidentiality

106%

CWE-611: Improper Restriction of XML External Entity Reference ('XXE')

The Zend_Xml_Security::scan in ZendXml before 1.0.1 and Zend Framework before 1.12.14, 2.x before 2.4.6, and 2.5.x before 2.5.2, when running under PHP-FPM in a threaded environment, allows remote attackers to bypass security checks and conduct XML external entity (XXE) and XML entity expansion (XEE) attacks via multibyte encoded characters.

CWE-611: Improper Restriction of XML External Entity Reference ('XXE')

CVSS 2.0 Base Score 6.8. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P).

Overview

Type

Zend Framework

First reported 9 years ago

2015-08-25 17:59:00

Last updated 8 years ago

2016-12-24 02:59:00

Affected Software

Zend Framework 1.0.0

1.0.0

Zend Framework 1.0.0 Release Candidate 1

1.0.0

Zend Framework 1.0.0 Release Candidate

1.0.0

Zend Framework 1.0.0 Release Candidate 2a

1.0.0

Zend Framework 1.0.0 Release Candidate 3

1.0.0

Zend Framework 1.0.1

1.0.1

Zend Framework 1.0.2

1.0.2

Zend Framework 1.0.3

1.0.3

Zend Framework 1.0.4

1.0.4

Zend Framework 1.5.0 Release Candidate 1

1.5.0

Zend Framework 1.5.0 Release Candidate 2

1.5.0

Zend Framework 1.5.0 Release Candidate 3

1.5.0

Zend Framework 1.5.1

1.5.1

Zend Framework 1.5.2

1.5.2

Zend Framework 1.5.3

1.5.3

Zend Framework 1.6.0

1.6.0

Zend Framework 1.6.0 Release Candidate 1

1.6.0

Zend Framework 1.6.0 Release Candidate 2

1.6.0

Zend Framework 1.6.0 Release Candidate 3

1.6.0

Zend Framework 1.6.1

1.6.1

Zend Framework 1.6.2

1.6.2

Zend Framework 1.7.0

1.7.0

Zend Framework 1.7.0pl1

1.7.0

Zend Framework 1.7.0pr

1.7.0

Zend Framework 1.7.1

1.7.1

Zend Framework 1.7.2

1.7.2

Zend Framework 1.7.3

1.7.3

Zend Framework 1.7.3pl1

1.7.3

Zend Framework 1.7.4

1.7.4

Zend Framework 1.7.5

1.7.5

Zend Framework 1.7.6

1.7.6

Zend Framework 1.7.7

1.7.7

Zend Framework 1.7.8

1.7.8

Zend Framework 1.7.9

1.7.9

Zend Framework 1.8.0

1.8.0

Zend Framework 1.8.0a1

1.8.0

Zend Framework 1.8.0b1

1.8.0

Zend Framework 1.8.1

1.8.1

Zend Framework 1.8.2

1.8.2

Zend Framework 1.8.3

1.8.3

Zend Framework 1.8.4

1.8.4

Zend Framework 1.8.4pl1

1.8.4

Zend Framework 1.8.5

1.8.5

Zend Framework 1.9.0

1.9.0

Zend Framework 1.9.0a1

1.9.0

Zend Framework 1.9.0b1

1.9.0

Zend Framework 1.9.0rc1

1.9.0

Zend Framework 1.9.1

1.9.1

Zend Framework 1.9.2

1.9.2

Zend Framework 1.9.3

1.9.3

Zend Framework 1.9.3pl1

1.9.3

Zend Framework 1.9.4

1.9.4

Zend Framework 1.9.5

1.9.5

Zend Framework 1.9.6

1.9.6

Zend Framework 1.9.7

1.9.7

Zend Framework 1.9.8

1.9.8

Zend Framework 1.10.0

1.10.0

Zend Framework 1.10.0alpha1

1.10.0

Zend Framework 1.10.0beta1

1.10.0

Zend Framework 1.10.0 Release Candidate 1

1.10.0

Zend Framework 1.10.1

1.10.1

Zend Framework 1.10.2

1.10.2

Zend Framework 1.10.3

1.10.3

Zend Framework 1.10.4

1.10.4

Zend Framework 1.10.5

1.10.5

Zend Framework 1.10.6

1.10.6

Zend Framework 1.10.7

1.10.7

Zend Framework 1.10.8

1.10.8

Zend Framework 1.10.9

1.10.9

Zend Framework 1.11.0

1.11.0

Zend Framework 1.11.0b1

1.11.0

Zend Framework 1.11.0 Release Candidate 1

1.11.0

Zend Framework 1.11.1

1.11.1

Zend Framework 1.11.2

1.11.2

Zend Framework 1.11.3

1.11.3

Zend Framework 1.11.4

1.11.4

Zend Framework 1.11.5

1.11.5

Zend Framework 1.11.6

1.11.6

Zend Framework 1.11.7

1.11.7

Zend Framework 1.11.8

1.11.8

Zend Framework 1.11.9

1.11.9

Zend Framework 1.11.10

1.11.10

Zend Framework 1.11.11

1.11.11

Zend Framework 1.11.12

1.11.12

Zend Framework 1.11.13

1.11.13

Zend Framework 1.12.0

1.12.0

Zend Framework 1.12.0 Release Candidate 1

1.12.0

Zend Framework 1.12.0 Release Candidate 2

1.12.0

Zend Framework 1.12.0 Release Candidate 3

1.12.0

Zend Framework 1.12.0 Release Candidate 4

1.12.0

Zend Framework 1.12.1

1.12.1

Zend Framework 1.12.2

1.12.2

Zend Framework 1.12.3

1.12.3

Zend Framework 1.12.4

1.12.4

Zend Framework 1.12.5

1.12.5

Zend Framework 1.12.6

1.12.6

Zend Framework 1.12.7

1.12.7

Zend Framework 1.12.8

1.12.8

Zend Framework 1.12.9

1.12.9

Zend Framework 1.12.10

1.12.10

Zend Framework 1.12.11

1.12.11

Zend Framework 1.12.12

1.12.12

Zend Framework 1.12.13

1.12.13

Zend Framework 2.0.0

2.0.0

Zend Framework 2.0.0 Release Candidate 1

2.0.0

Zend Framework 2.0.0 Release Candidate 2

2.0.0

Zend Framework 2.0.0 Release Candidate 3

2.0.0

Zend Framework 2.0.0 Release Candidate 4

2.0.0

Zend Framework 2.0.0 Release Candidate 5

2.0.0

Zend Framework 2.0.0 Release Candidate 6

2.0.0

Zend Framework 2.0.0 Release Candidate 7

2.0.0

Zend Framework 2.0.1

2.0.1

Zend Framework 2.0.2

2.0.2

Zend Framework 2.0.3

2.0.3

Zend Framework 2.0.4

2.0.4

Zend Framework 2.0.5

2.0.5

Zend Framework 2.0.6

2.0.6

Zend Framework 2.0.7

2.0.7

Zend Framework 2.1.0

2.1.0

Zend Framework 2.1.1

2.1.1

Zend Framework 2.1.2

2.1.2

Zend Framework 2.1.3

2.1.3

Zend Framework 2.1.4

2.1.4

Zend Zend Framework 2.1.5

2.1.5

Zend Framework 2.1.6

2.1.6

Zend Framework 2.2.0

2.2.0

Zend Framework 2.2.1

2.2.1

Zend Framework 2.2.2

2.2.2

Zend Framework 2.2.3

2.2.3

Zend Framework 2.2.4

2.2.4

Zend Framework 2.2.5

2.2.5

Zend Framework 2.2.6

2.2.6

Zend Framework 2.2.7

2.2.7

Zend Framework 2.2.8

2.2.8

Zend Framework 2.2.9

2.2.9

Zend Framework 2.2.10

2.2.10

Zend Framework 2.3.0

2.3.0

Zend Framework 2.3.1

2.3.1

Zend Framework 2.3.2

2.3.2

Zend Framework 2.3.3

2.3.3

Zend Framework 2.3.4

2.3.4

Zend Framework 2.3.5

2.3.5

Zend Framework 2.3.6

2.3.6

Zend Framework 2.3.7

2.3.7

Zend Framework 2.3.8

2.3.8

Zend Framework 2.3.9

2.3.9

Zend Framework 2.4.0

2.4.0

Zend Framework 2.4.1

2.4.1

Zend Framework 2.4.2

2.4.2

Zend Framework 2.4.3

2.4.3

Zend Framework 2.4.4

2.4.4

Zend Framework 2.4.5

2.4.5

Zend Framework 2.5.0

2.5.0

Zend Framework 2.5.1

2.5.1

References

http://framework.zend.com/security/advisory/ZF2015-06

Vendor Advisory

http://legalhackers.com/advisories/zend-framework-XXE-vuln.txt

Exploit

FEDORA-2015-13314

FEDORA-2015-13529

FEDORA-2015-13488

http://packetstormsecurity.com/files/133068/Zend-Framework-2.4.2-1.12.13-XXE-Injection.html

Exploit

20150813 Zend Framework <= 2.4.2 XML eXternal Entity Injection (XXE) on PHP FPM

Exploit

DSA-3340

76177

Exploit

37765

Exploit

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.