oss-security - Re: CVE Request: zendframework SQL injections

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [day] [month] [year] [list]

Message-Id: <20151011180322.DD4356C00C8@smtpvmsrv1.mitre.org>
Date: Sun, 11 Oct 2015 14:03:22 -0400 (EDT)
From: cve-assign@...re.org
To: alessandro@...dini.me
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE Request: zendframework SQL injections

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> ZF2015-08: Potential SQL injection vector using null byte for PDO (MsSql, SQLite)
> http://framework.zend.com/security/advisory/ZF2015-08
> https://github.com/zendframework/zf1/commit/2ac9c30f73ec2e6235c602bed745749a551b4fe2

Use CVE-2015-7695.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWGqN3AAoJEL54rhJi8gl5k5QQALDsGbqgYT2VPemrDKutgWlr
8J3OCzEhdGYU5xwDymDtRzl8yDKp/BDy3SvQVKgUtgAVNUpaE2zwj4F5fa//MH+K
h7m1oqq6xdICr2DGCUaJyEsTtPih5vxfkobTlAJs1ePF5KFQOeEIbd6RiqiXPKH2
iIFJ/5boTtkhlljvjRSkJgJm/QvAWd4SXQU2lXCB/9iOuY25FvWH9rXHF7TLxVCb
orvfDGN6uxvHkgejTG7ZvD/wFJgXUxV5oGsnatMkBrg+Bovg0nLpwu3YreAmBchM
lmE+PHCAWyYUsamHE1m9/N8w0Ad6/RFexdo0aIkuT1nG6p153Nq9MHHQAUCdgveH
O2YvnFgEwu09cABL/XcwPhcoz4q8XOzNcC7y171ZTuGM285vyifZi+OmMW9A1MyV
V0pVuu1CC1uIj5e9lXYF6OvWcExytsGIoRi6r7235OyIWXpnUQG424+g8WZL0e51
Z4P+Rg3y/qORzny+C51kJXEP7CV0T+A27uCHYHDx2zWSQhcS9bEgs86XpKK73PJW
08pKqThefYhkho3GyqvnieS27ZCBPOCEbMtDgEjJz2jG+l0Hg/2vRGAEVXYcejZe
5D8jgHyvEt/yvh+ez9OgJm2rJegCzifighmhN8F6YQL/qnZJyPKi4KvzAdStvfFT
u3K7OXNk0qOtF6g3RrD3
=hFXA
-----END PGP SIGNATURE-----

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.