FreeBSD : Zend Framework -- multiple vulnerabilities (c9263916-006f-11df-94cb-0050568452ac)

This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

The Zend Framework team reports :

Potential XSS or HTML Injection vector in Zend_Json.

Potential XSS vector in Zend_Service_ReCaptcha_MailHide.

Potential MIME-type Injection in Zend_File_Transfer Executive Summary.

Potential XSS vector in Zend_Filter_StripTags when comments allowed.

Potential XSS vector in Zend_Dojo_View_Helper_Editor.

Potential XSS vectors due to inconsistent encodings.

XSS vector in Zend_Filter_StripTags.

LFI vector in Zend_View::setScriptPath() and render().

See also :

Solution :

Update the affected package.

Risk factor :


Family: FreeBSD Local Security Checks

Nessus Plugin ID: 43879 (freebsd_pkg_c9263916006f11df94cb0050568452ac.nasl)

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now