← Volver a CVEs
CVE-2013-4752
MEDIUM6.1
Descripcion
Symfony 2.0.X before 2.0.24, 2.1.X before 2.1.12, 2.2.X before 2.2.5, and 2.3.X before 2.3.3 have an issue in the HttpFoundation component. The Host header can be manipulated by an attacker when the framework is generating an absolute URL. A remote attacker could exploit this vulnerability to inject malicious content into the Web application page and conduct various attacks.
Detalles CVE
Puntuacion CVSS v3.16.1
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioREQUIRED
Publicado1/2/2020
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
fedoraproject:fedorasensiolabs:symfony
Debilidades (CWE)
CWE-79
Referencias
http://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released(cve@mitre.org)
http://www.securityfocus.com/bid/61715(cve@mitre.org)
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4752(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/86365(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/86366(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/86367(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/86368(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/86369(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/86370(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/86371(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/86372(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/86373(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/86374(cve@mitre.org)
http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114450.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114461.html(af854a3a-2127-422b-91ae-364da2661108)
http://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/61715(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4752(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/86365(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/86366(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/86367(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/86368(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/86369(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/86370(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/86371(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/86372(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/86373(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/86374(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.