Lucene search
Ubuntu.comUB:CVE-2009-2687HistoryAug 05, 2009 - 12:00 a.m.
CVE-2009-2687
2009-08-0500:00:00
ubuntu.com
ubuntu.com
25
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.051
Percentile
93.0%
The exif_read_data function in the Exif module in PHP before 5.2.10 allows
remote attackers to cause a denial of service (crash) via a malformed JPEG
image with invalid offset fields, a different issue than CVE-2005-3353.
Bugs
- <http://bugs.php.net/bug.php?id=48378>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=535888>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=535897>
Notes
| Author | Note |
|---|---|
| mdeslaur | PoC in php bug |
Related
cvelist
cvelist
CVE-2009-2687
2009-08-05 19:00:00
CVE-2005-3353
2005-11-18 23:00:00
prion
prion
Design/Logic Flaw
2009-08-05 19:30:00
nvd
nvd
CVE-2009-2687
2009-08-05 19:30:01
CVE-2005-3353
2005-11-18 23:03:00
cve
cve
CVE-2009-2687
2009-08-05 19:30:01
CVE-2005-3353
2005-11-18 23:03:00
ubuntucve
ubuntucve
CVE-2005-3353
2005-11-18 00:00:00
securityvulns
securityvulns
[USN-824-1] PHP vulnerability
2009-08-25 00:00:00
PHP DoS
2009-08-25 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : php (MDVSA-2009:145)
2009-06-29 00:00:00
Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : php5 vulnerability (USN-824-1)
2009-08-25 00:00:00
PHP < 5.2.10 Multiple Vulnerabilities
2009-06-22 00:00:00
openvas
openvas
Mandrake Security Advisory MDVSA-2009:167 (php)
2009-08-17 00:00:00
PHP 'exif_read_data()' JPEG Image Processing Denial Of Service Vulnerability
2010-04-19 00:00:00
Ubuntu: Security Advisory (USN-824-1)
2009-09-02 00:00:00
ubuntu
ubuntu
PHP vulnerability
2009-08-24 00:00:00
PHP vulnerabilities
2005-12-23 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:37:02
debian
debian
[SECURITY] [DSA 1206-1] New php4 packages fix several vulnerabilities
2006-11-06 18:13:12
[SECURITY] [DSA-1940-1] New php5 packages fix several issues
2009-11-25 21:48:09
[SECURITY] [DSA-1940-1] New php5 packages fix several issues
2009-11-25 21:48:09
osv
osv
php4
2006-11-06 00:00:00
php5 - multiple issues
2009-11-25 00:00:00
centos
centos
php security update
2005-11-11 03:54:29
php security update
2005-11-11 01:54:54
php security update
2010-01-13 22:42:15
redhat
redhat
(RHSA-2005:831) php security update
2005-11-10 00:00:00
(RHSA-2010:0040) Moderate: php security update
2010-01-13 00:00:00
suse
suse
remote code execution in php4,php5
2005-12-14 16:26:50
oraclelinux
oraclelinux
php security update
2010-01-13 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2010-01-05 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.051
Percentile
93.0%
Related for UB:CVE-2009-2687