APP: Zend Technologies Zend Framework Zend_XmlRpc Information Disclosure

This signature detects attempts to exploit a known flaw in Zend Technologies Zend Framework. A successful attack can lead to unauthorized information disclosure.

Extended Description

Zend Framework is prone to an information-disclosure vulnerability. Successful exploit of this issue allows an attacker to gain access to certain local files. Information obtained may aid in further attacks. Zend Framework versions prior to 1.11.12 and 1.12.0 are vulnerable.

Affected Products

Zend zend_framework,Zend zend_framework

References

BugTraq: 54192

CVE: CVE-2012-3363

Short Name
APP:MISC:ZEND-XMLRPC-INFO-DISC
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
CVE-2012-3363 Disclosure Framework Information Technologies Zend Zend_XmlRpc bid:54192
Release Date
01/09/2013
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3375
False Positive
Unknown
Vendors

Red_hat

Magento

Zend

Debian

CVSS Score

6.4

Found a potential security threat?