CVE-2015-8125
https://notcve.org/view.php?id=CVE-2015-8125
Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 might allow remote attackers to have unspecified impact via a timing attack involving the (1) Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices or (2) Symfony/Component/Security/Http/Firewall/DigestAuthenticationListener class in the Symfony Security Component, or (3) legacy CSRF implementation from the Symfony/Component/Form/Extension/Csrf/CsrfProvider/DefaultCsrfProvider class in the Symfony Form component. Symfony 2.3.x en versiones anteriores a 2.3.35, 2.6.x en versiones anteriores a 2.6.12 y 2.7.x en versiones anteriores a 2.7.7 podría permitir a atacantes remotos tener un impacto no especificado a través de un ataque de sincronización involucrando las clases (1) Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices o (2) Symfony/Component/Security/Http/Firewall/DigestAuthenticationListener en la implementación Symfony Security Component o la implementación de (3) legacy CSRF de la clase Symfony/Component/Form/Extension/Csrf/CsrfProvider/DefaultCsrfProvider en el componente Symfony Form. • http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173271.html http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173300.html http://www.debian.org/security/2015/dsa-3402 http://www.securityfocus.com/bid/77692 https://symfony.com/blog/cve-2015-8125-potential-remote-timing-attack-vulnerability-in-security-remember-me-service •
CVE-2015-2308
https://notcve.org/view.php?id=CVE-2015-2308
Eval injection vulnerability in the HttpCache class in HttpKernel in Symfony 2.x before 2.3.27, 2.4.x and 2.5.x before 2.5.11, and 2.6.x before 2.6.6 allows remote attackers to execute arbitrary PHP code via a language="php" attribute of a SCRIPT element. Vulnerabilidad de inyección Eval en la clase HttpCache en HttpKernel en Symfony 2.x anterior a 2.3.27, 2.4.x y 2.5.x anterior a 2.5.11, y 2.6.x anterior a 2.6.6 permite a atacantes remotos ejecutar código PHP arbitrario a través de un atributo language='php' de un elemento SCRIPT. • http://jvn.jp/en/jp/JVN19578958/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000089 http://www.securityfocus.com/bid/75357 https://symfony.com/blog/cve-2015-2308-esi-code-injection • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2015-4050
https://notcve.org/view.php?id=CVE-2015-4050
FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the _controller attribute is set, which allows remote attackers to bypass URL signing and security rules by including (1) no hash or (2) an invalid hash in a request to /_fragment. FragmentListener en el componente HttpKernel en Symfony 2.3.19 hasta 2.3.28, 2.4.9 hasta 2.4.10, 2.5.4 hasta 2.5.11, y 2.6.0 hasta 2.6.7, cuando ek soporte ESI o SSI está habilitado, no comprueba si el atributo _controller esta configurado, lo que permite a atacantes remotos evadir la firma de URLs y las reglas de seguridad mediante la inclusión de (1) ningún hash o (2) un hash inválido en una solicitud a /_fragment. • http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159513.html http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159603.html http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159610.html http://symfony.com/blog/cve-2015-4050-esi-unauthorized-access http://www.debian.org/security/2015/dsa-3276 http://www.securityfocus.com/bid/74928 • CWE-284: Improper Access Control •
CVE-2013-5958
https://notcve.org/view.php?id=CVE-2013-5958
The Security component in Symfony 2.0.x before 2.0.25, 2.1.x before 2.1.13, 2.2.x before 2.2.9, and 2.3.x before 2.3.6 allows remote attackers to cause a denial of service (CPU consumption) via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation, a similar issue to CVE-2013-5750. El componente de seguridad en Symfony 2.0.x anterior a 2.0.25, 2.1.x anterior a 2.1.13, 2.2.x anterior a 2.2.9, y 2.3.x anterior a 2.3.6 permite a atacantes remotos causar una denegación de servicio (consumo de CPU) a través de una contraseña larga que lanza un hash con alta carga de computación, como lo demuestra el cálculo PBKDF2, un problema similar a CVE-2013-5750 • http://symfony.com/blog/security-releases-cve-2013-5958-symfony-2-0-25-2-1-13-2-2-9-and-2-3-6-released • CWE-399: Resource Management Errors •
CVE-2013-1397
https://notcve.org/view.php?id=CVE-2013-1397
Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the (1) Yaml::parse or (2) Yaml\Parser::parse function, a different vulnerability than CVE-2013-1348. Symfony 2.0.x anterior a 2.0.22, 2.1.x anterior a 2.1.7 y 2.2.x permite a atacantes remotos ejecutar código PHP arbitrario a través de un objeto PHP serializado hacia la función (1) Yaml::parse o (2) Yaml\Parser::parse, una vulnerabilidad diferente a CVE-2013-1348. • http://secunia.com/advisories/51980 http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released http://www.securityfocus.com/bid/57574 https://exchange.xforce.ibmcloud.com/vulnerabilities/81551 • CWE-94: Improper Control of Generation of Code ('Code Injection') •