First published: Tue Sep 16 2014(Updated: )
SQL injection vector when manually quoting values for sqlsrv extension, using null byte
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
composer/zendframework/zendframework | >=2.0.0<2.0.99>=2.1.0<2.1.99>=2.2.0<2.2.8>=2.3.0<2.3.3 | |
composer/zendframework/zend-db | >=2.0.0<2.0.99>=2.1.0<2.1.99>=2.2.0<2.2.8>=2.3.0<2.3.3 | |
composer/zendframework/zendframework1 | >=1.12.0<1.12.9 | |
Zend Zend Framework | <1.12.9 | |
Zend Zend Framework | >=2.2.0<2.2.8 | |
Zend Zend Framework | >=2.3.0<2.3.3 | |
Redhat Enterprise Linux | =6.0 | |
Redhat Enterprise Linux | =7.0 | |
Fedoraproject Fedora | =19 | |
Fedoraproject Fedora | =20 | |
Fedoraproject Fedora | =21 | |
debian/zendframework | ||
composer/zendframework/zendframework | >=2.3.0<2.3.3 | 2.3.3 |
composer/zendframework/zendframework | >=2.2.0<2.2.8 | 2.2.8 |
composer/zendframework/zendframework | >=2.1.0<2.1.99 | 2.1.99 |
composer/zendframework/zendframework | >=2.0.0<2.0.99 | 2.0.99 |
composer/zendframework/zend-db | >=2.3.0<2.3.3 | 2.3.3 |
composer/zendframework/zend-db | >=2.2.0<2.2.8 | 2.2.8 |
composer/zendframework/zend-db | >=2.1.0<2.1.99 | 2.1.99 |
composer/zendframework/zend-db | >=2.0.0<2.0.99 | 2.0.99 |
composer/zendframework/zendframework1 | >=1.12.0<1.12.9 | 1.12.9 |
<1.12.9 | ||
>=2.2.0<2.2.8 | ||
>=2.3.0<2.3.3 | ||
=6.0 | ||
=7.0 | ||
=19 | ||
=20 | ||
=21 | ||
redhat/Zend Framework | <1.12.9 | 1.12.9 |
redhat/Zend Framework | <2.2.8 | 2.2.8 |
redhat/Zend Framework | <2.3.3 | 2.3.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.