Lucene search

K

PRIOn knowledge basePRION:CVE-2011-4718

HistoryAug 13, 2013 - 3:04 p.m.

Session fixation

2013-08-1315:04:00

PRIOn knowledge base

www.prio-n.com

9

9.2 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

70.9%

Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID.

CPENameOperatorVersion
phpeq5.5.0 alpha1
phpeq5.5.0 alpha3
phpeq5.2.9
phpeq5.4.12 rc1
phpeq5.3.10
phpeq5.3.27
phpeq5.1.5
phpeq5.4.15 rc1
phpeq5.5.0 beta3
phpeq5.3.6

Rows per page:

1-10 of 1001

References

git.php.net/?p=php-src.git;a=commit;h=169b78eb79b0e080b67f9798708eb3771c6d0b2f

git.php.net/?p=php-src.git;a=commit;h=25e8fcc88fa20dc9d4c47184471003f436927cde

bugs.php.net/bug.php?id=60491

wiki.php.net/rfc/strict_sessions

9.2 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

70.9%

Related for PRION:CVE-2011-4718

ubuntucve1 cve1 openvas21 f52 nessus10 fedora10 amazon1 gentoo1 cloudlinux1 rosalinux1