Lucene search
MitreCVELIST:CVE-2009-1272HistoryApr 08, 2009 - 6:00 p.m.
CVE-2009-1272
2009-04-0818:00:00
mitre
www.cve.org
The php_zip_make_relative_path function in php_zip.c in PHP 5.2.x before 5.2.9 allows context-dependent attackers to cause a denial of service (crash) via a ZIP file that contains filenames with relative paths, which is not properly handled during extraction.
References
cvs.php.net/viewvc.cgi/php-src/ext/zip/php_zip.c?r1=1.1.2.48&r2=1.1.2.49
lists.apple.com/archives/security-announce/2009/Sep/msg00004.html
lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
marc.info/?l=bugtraq&m=125017764422557&w=2
secunia.com/advisories/35685
secunia.com/advisories/36701
support.apple.com/kb/HT3865
www.openwall.com/lists/oss-security/2009/04/01/9
www.openwall.com/lists/oss-security/2009/04/09/1
www.php.net/releases/5_2_9.php
Related
cve
cve
CVE-2009-1272
2009-04-08 18:30:00
prion
prion
Input validation
2009-04-08 18:30:00
nvd
nvd
CVE-2009-1272
2009-04-08 18:30:00
openvas
openvas
PHP DoS Vulnerability (Apr 2009)
2009-04-23 00:00:00
SLES10: Security update for PHP5
2009-10-13 00:00:00
SLES11: Security update for PHP5
2009-10-11 00:00:00
ubuntucve
ubuntucve
CVE-2009-1272
2009-04-08 00:00:00
nessus
nessus
SuSE 11 Security Update : PHP5 (SAT Patch Number 1015)
2009-09-24 00:00:00
SuSE 10 Security Update : PHP5 (ZYPP Patch Number 6311)
2009-09-24 00:00:00
PHP < 5.2.9 Multiple Vulnerabilities
2009-02-27 00:00:00
securityvulns
securityvulns
gentoo
gentoo
PHP: Multiple vulnerabilities
2010-01-05 00:00:00