The getObjectByToken function in Newsletter.php in the Pimcore_Tool_Newsletter module in pimcore 1.4.9 through 2.1.0 does not properly handle an object obtained by unserializing a pathname, which allows remote attackers to conduct PHP object injection attacks and delete arbitrary files via vectors involving a Zend_Http_Response_Stream object.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2014-04-21T22:00:00
Updated: 2014-04-21T22:57:01
Reserved: 2014-04-21T00:00:00
Link: CVE-2014-2922
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-04-21T22:55:08.473
Modified: 2014-04-22T15:06:56.257
Link: CVE-2014-2922
JSON object: View
Redhat Information
No data.
CWE