Trend Micro Security

Zend Framework SQL Injection Vulnerability (CVE-2016-4861)

  危険度: : 緊急

  概要

Zend Framework is prone to an SQL injection vulnerability by the implementation of ORDER BY and GROUP BY in Zend_Db_Select, when a combination of SQL expressions and comments are used.

  トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1000608