Security Advisory

CVE-2012-2667

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-06-07 19:00:00

Last updated 2024-08-06 19:42:32

Assigner redhat

State PUBLISHED

Description

Session fixation vulnerability in lib/user/sfBasicSecurityUser.class.php in SensioLabs Symfony before 1.4.18 allows remote attackers to hijack web sessions via vectors related to the regenerate method and unspecified "database backed session classes."

← Browse all CVEs View on cve.org ↗