Bug 1269078 - (CVE-2015-7695) CVE-2015-7695 php-ZendFramework: potential SQL injection vector using null byte for PDO (ZF2015-08)
CVE-2015-7695 php-ZendFramework: potential SQL injection vector using null by...
Status: NEW
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On: 1269080 1269081
  Show dependency treegraph
Reported: 2015-10-06 05:23 EDT by Martin Prpič
Modified: 2015-10-13 04:14 EDT (History)
3 users (show)

See Also:
Fixed In Version: Zend Framework 1.12.16
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Martin Prpič 2015-10-06 05:23:17 EDT
The PDO adapters of Zend Framework 1 do not filter null bytes values in SQL statements. A PDO adapter can treat null bytes in a query as a string terminator, allowing an attacker to add arbitrary SQL following a null byte, and thus create a SQL injection. 

This issue has been fixed in upstream version 1.12.16.

External References:

Comment 1 Martin Prpič 2015-10-06 05:24:46 EDT
Created php-ZendFramework tracking bugs for this issue:

Affects: epel-all [bug 1269080]
Affects: fedora-all [bug 1269081]

Note You need to log in before you can comment on or make changes to this bug.