CVE-2012-3363 - XXE vulnerability in multiple products

CVSS 9.1 - CRITICAL
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: NONE
Tags: network, low complexity, zend, fedoraproject, debian, CWE-611, critical, nessus, exploit available

Summary

Zend_XmlRpc in Zend Framework 1.x before 1.11.12 and 1.12.x before 1.12.0 does not properly handle SimpleXMLElement classes, which allows remote attackers to read arbitrary files or create TCP connections via an external entity reference in a DOCTYPE element in an XML-RPC request, aka an XML external entity (XXE) injection attack.

Vulnerable Configurations

Part         Description    Count
Application  Zend           90
OS           Fedoraproject  2
OS           Debian         1

Exploit-Db

description: Zend Framework Local File Disclosure. CVE-2012-3363. Webapps exploit for php platform
id: EDB-ID:19408
last seen: 2016-02-02
modified: 2012-06-27
published: 2012-06-27
reporter: SEC Consult
source: https://www.exploit-db.com/download/19408/
title: Zend Framework Local File Disclosure

Nessus

  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-2505.NASL
    description: An XML External Entities inclusion vulnerability was discovered in Zend Framework, a PHP library. This vulnerability may allow attackers to access local files, depending on how the framework is used.
    last seen: 2020-03-17
    modified: 2012-07-03
    plugin id: 59824
    published: 2012-07-03
    reporter: This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/59824
    title: Debian DSA-2505-1 : zendframework - information disclosure
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2013-4387.NASL
    description: Fix for CVEs: CVE-2012-3363, CVE-2013-1830, CVE-2013-1831, CVE-2013-1832, CVE-2013-1833, CVE-2013-1834, CVE-2013-1835, CVE-2013-1836. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-03-17
    modified: 2013-04-03
    plugin id: 65775
    published: 2013-04-03
    reporter: This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/65775
    title: Fedora 18 : moodle-2.3.6-1.fc18 (2013-4387)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2013-4404.NASL
    description: Fix for CVEs: CVE-2012-3363, CVE-2013-1830, CVE-2013-1831, CVE-2013-1832, CVE-2013-1833, CVE-2013-1834, CVE-2013-1835, CVE-2013-1836. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-03-17
    modified: 2013-04-03
    plugin id: 65777
    published: 2013-04-03
    reporter: This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/65777
    title: Fedora 17 : moodle-2.2.9-1.fc17 (2013-4404)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2012-9978.NASL
    description: Update to 1.11.12 which fixes security issue ZF2012-01: Local file disclosure via XXE injection in Zend_XmlRpc. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-03-17
    modified: 2012-07-16
    plugin id: 59977
    published: 2012-07-16
    reporter: This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/59977
    title: Fedora 16 : php-ZendFramework-1.11.12-1.fc16 (2012-9978)
  • NASL family: FreeBSD Local Security Checks
    NASL id: FREEBSD_PKG_EC34D0C2179911E2B4AB000C29033C32.NASL
    description: The Zend Framework team reports: The XmlRpc package of Zend Framework is vulnerable to XML eXternal Entity Injection attacks (both server and client). The SimpleXMLElement class (SimpleXML PHP extension) is used in an insecure way to parse XML data. External entities can be specified by adding a specific DOCTYPE element to XML-RPC requests. By exploiting this vulnerability an application may be coerced to open arbitrary files and/or TCP connections. Additionally, the Zend_Dom, Zend_Feed, Zend_Soap, and Zend_XmlRpc components are vulnerable to XML Entity Expansion (XEE) vectors, leading to Denial of Service vectors. XEE attacks occur when the XML DOCTYPE declaration includes XML entity definitions that contain either recursive or circular references; this leads to CPU and memory consumption, making Denial of Service exploits trivial to implement.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 62571
    published: 2012-10-17
    reporter: This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/62571
    title: FreeBSD : Zend Framework -- Multiple vulnerabilities via XXE injection (ec34d0c2-1799-11e2-b4ab-000c29033c32)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2012-9979.NASL
    description: Update to 1.11.12 which fixes security issue ZF2012-01: Local file disclosure via XXE injection in Zend_XmlRpc. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-03-17
    modified: 2012-07-16
    plugin id: 59978
    published: 2012-07-16
    reporter: This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/59978
    title: Fedora 17 : php-ZendFramework-1.11.12-1.fc17 (2012-9979)