Published: 18/12/2012 Updated: 29/08/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Subscribe to Symfony

lib/form/sfForm.class.php in Symfony CMS prior to 1.4.20 allows remote malicious users to read arbitrary files via a crafted upload request.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sensiolabs symfony 1.4.13
sensiolabs symfony 1.4.12
sensiolabs symfony 1.4.4
sensiolabs symfony 1.4.3
sensiolabs symfony 1.4.17
sensiolabs symfony 1.4.16
sensiolabs symfony 1.4.8
sensiolabs symfony 1.4.7
sensiolabs symfony 1.4.0
sensiolabs symfony
sensiolabs symfony 1.4.18
sensiolabs symfony 1.4.11
sensiolabs symfony 1.4.10
sensiolabs symfony 1.4.9
sensiolabs symfony 1.4.2
sensiolabs symfony 1.4.1
sensiolabs symfony 1.4.15
sensiolabs symfony 1.4.14
sensiolabs symfony 1.4.6
sensiolabs symfony 1.4.5

CWE-264 http://www.openwall.com/lists/oss-security/2012/11/26/12 http://symfony.com/blog/security-release-symfony-1-4-20-released https://bugs.gentoo.org/show_bug.cgi?id=444696 http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093922.html https://bugzilla.redhat.com/show_bug.cgi?id=880240 http://www.securityfocus.com/bid/56685 http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093698.html http://www.osvdb.org/87869 http://secunia.com/advisories/51372 http://trac.symfony-project.org/changeset/33598 http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093920.html https://exchange.xforce.ibmcloud.com/vulnerabilities/80309 https://nvd.nist.gov

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook