Lucene search

K

Veracode Vulnerability DatabaseVERACODE:26614

HistorySep 03, 2020 - 10:15 a.m.

Privilege Escalation And Arbitrary Code Execution

2020-09-0310:15:09

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

12

doctrine

phpcr-odm

vulnerability

privilege escalation

code execution

cache directories

local attackers

EPSS

0

Percentile

5.1%

doctrine/phpcr-odm is vulnerable to privilege escalation and arbitrary code execution. The vulnerability exists due to incorrect writable permissions in cache directories, allowing local attackers to escalate privileges and/or execute arbitrary code.

References

framework.zend.com/security/advisory/ZF2015-07

www.debian.org/security/2015/dsa-3369

www.doctrine-project.org/2015/08/31/security_misconfiguration_vulnerability_in_various_doctrine_projects.html

bugzilla.redhat.com/show_bug.cgi?id=1347924

framework.zend.com/security/advisory/ZF2015-07

lists.fedoraproject.org/archives/list/[email protected]/message/2IUUC7HPN4XE5NNTG4MR76OC662XRZUO/

lists.fedoraproject.org/archives/list/[email protected]/message/HPS7A54FQ2CR6PH4NDR6UIYJIRNFXW67/

www.debian.org/security/2015/dsa-3369

EPSS

0

Percentile

5.1%

Related for VERACODE:26614

friendsofphp14 cvelist1 fedora16 openvas14 nessus17 ubuntucve1 osv2 prion1 debian1 nvd1 github1 securityvulns2 cve1 gitlab1 mageia1 debiancve1