oss-sec mailing list archives
CVE Request -- php-doctrine-Doctrine -- SQL injection flaw
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Fri, 25 Mar 2011 11:07:56 +0100
Hello Steve, vendors, a SQL injection flaw has been reported against Doctrine, the PHP Object Relational Mapper: [1] http://www.doctrine-project.org/blog/doctrine-security-fix [2] https://bugzilla.redhat.com/show_bug.cgi?id=689396 Further from [1]: "The security hole was found today and affects the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery() function which does not cast input values for limit and offset to integer and allows malicious SQL to be executed if these parameters are passed into Doctrine 2 directly from request variables without previous cast to integer." Could you allocate a CVE id for this? Thanks && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Current thread:
- CVE Request -- php-doctrine-Doctrine -- SQL injection flaw Jan Lieskovsky (Mar 25)
- Re: CVE Request -- php-doctrine-Doctrine -- SQL injection flaw Steven M. Christey (Mar 28)