Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistCertccCVELIST:CVE-2009-2626
HistoryDec 01, 2009 - 4:00 p.m.

CVE-2009-2626

2009-12-0116:00:00
certcc
www.cve.org
9
vulnerability
php 5.3.0
sensitive information
memory contents
php crash
ini_set function
context-specific attackers
ini_restore function

AI Score

5.7

Confidence

Low

EPSS

0.062

Percentile

93.6%

JSON

The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable.

Related

prion 1
exploitdb 3
packetstorm 1
f5 2
redhatcve 1
nvd 1
ubuntucve 1
seebug 1
cve 1
openvas 8
nessus 10
ubuntu 1
debian 2
osv 1
gentoo 1
prion
prion
Information disclosure
2009-12-01 16:30:00
exploitdb
exploitdb
PHP 5.2.10/5.3 - 'ini_restore()' Memory Information Disclosure (1)
2009-08-10 00:00:00
PHP 5.2.10/5.3 - 'ini_restore()' Memory Information Disclosure (2)
2009-08-10 00:00:00
PHP 5.2.10/5.3.0 - 'ini_restore()' Memory Information Disclosure
2009-12-03 00:00:00
packetstorm
packetstorm
PHP ini_restore Memory Disclosure
2009-12-04 00:00:00
f5
f5
SOL13231 - PHP vulnerability CVE-2009-2626
2011-11-21 00:00:00
K13231 : PHP vulnerability CVE-2009-2626
2013-09-09 00:00:00
redhatcve
redhatcve
CVE-2009-2626
2015-10-30 10:18:04
nvd
nvd
CVE-2009-2626
2009-12-01 16:30:01
ubuntucve
ubuntucve
CVE-2009-2626
2009-12-01 00:00:00
seebug
seebug
PHP ini_restore()内存信息泄露漏洞
2009-11-30 00:00:00
cve
cve
CVE-2009-2626
2009-12-01 16:30:01
openvas
openvas
PHP Multiple Vulnerabilities (Dec 2009)
2009-12-04 00:00:00
Mandriva Update for php MDVSA-2010:008 (php)
2010-01-19 00:00:00
Mandriva Update for php MDVSA-2010:008 (php)
2010-01-19 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : php (MDVSA-2010:008)
2010-01-18 00:00:00
Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : php5 vulnerabilities (USN-882-1)
2010-01-14 00:00:00
Debian DSA-1940-1 : php5 - multiple issues
2010-02-24 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2010-01-13 00:00:00
debian
debian
[SECURITY] [DSA-1940-1] New php5 packages fix several issues
2009-11-25 21:48:09
[SECURITY] [DSA-1940-1] New php5 packages fix several issues
2009-11-25 21:48:09
osv
osv
php5 - multiple issues
2009-11-25 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2010-01-05 00:00:00

AI Score

5.7

Confidence

Low

EPSS

0.062

Percentile

93.6%

JSON
Related for CVELIST:CVE-2009-2626
prion1exploitdb3packetstorm1f52redhatcve1nvd1ubuntucve1seebug1cve1openvas8nessus10ubuntu1debian2osv1gentoo1