Zend Framework SQL Injection Vulnerability (CVE-2016-4861)

2016年10月12日

Email
Facebook
Twitter
Google+
Linkedin

危険度: : 緊急

概要

Zend Framework is prone to an SQL injection vulnerability by the implementation of ORDER BY and GROUP BY in Zend_Db_Select, when a combination of SQL expressions and comments are used.

トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

対応方法

Trend Micro Deep Security DPI Rule Number: 1000608