Page 3 of 11 results (0.020 seconds)

CVSS: 4.3EPSS: 0%CPEs: 20EXPL: 0

Session fixation vulnerability in lib/user/sfBasicSecurityUser.class.php in SensioLabs Symfony before 1.4.18 allows remote attackers to hijack web sessions via vectors related to the regenerate method and unspecified "database backed session classes." Vulnerabilidad de fijación de sesión en lib/user/sfBasicSecurityUser.class.php en SensioLabs Symfony antes de v1.4.18 permite a atacantes remotos secuestrar sesiones web a través de vectores relacionados con el método 'regenerate' y "clases de sesión de respaldo de base de datos" no especificadas. • http://secunia.com/advisories/49312 http://symfony.com/blog/security-release-symfony-1-4-18-released http://trac.symfony-project.org/browser/tags/RELEASE_1_4_18/CHANGELOG http://www.openwall.com/lists/oss-security/2012/06/04/1 http://www.openwall.com/lists/oss-security/2012/06/05/2 http://www.securityfocus.com/bid/53776 https://exchange.xforce.ibmcloud.com/vulnerabilities/76027 •