Vulnerability in Zend Zend_framework

CVE-2012-6532

(1) Zend_Dom, (2) Zend_Feed, (3) Zend_Soap, and (4) Zend_XmlRpc in Zend Framework 1.x before 1.11.13 and 1.12.x before 1.12.0 allow remote attackers to cause a denial of service (CPU consumption) via recursive or circular references in an…

EPSS: 0.005 (65.1th percentile) — read the EPSS interpretation.

Affected products

Zend Zend_framework — versions 1.0.4, 1.5.0, 1.5.1
N/a — versions n/a

Weakness classification (CWE)

CWE-399

References

MDVSA-2013:115 (vendor-advisory, x_refsource_MANDRIVA)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)