Lucene search
UbuntuUSN-824-1HistoryAug 24, 2009 - 12:00 a.m.
PHP vulnerability
2009-08-2400:00:00
ubuntu.com
34
6.2 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.01 Low
EPSS
Percentile
83.7%
Releases
- Ubuntu 9.04
- Ubuntu 8.10
- Ubuntu 8.04
- Ubuntu 6.06
Packages
- php5 -
Details
It was discovered that PHP did not properly handle certain malformed
JPEG images when being parsed by the Exif module. A remote attacker could
exploit this flaw and cause the PHP server to crash, resulting in a denial
of service.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 9.04 | noarch | php5-cli | < 5.2.6.dfsg.1-3ubuntu4.2 | UNKNOWN |
| Ubuntu | 9.04 | noarch | libapache2-mod-php5 | < 5.2.6.dfsg.1-3ubuntu4.2 | UNKNOWN |
| Ubuntu | 9.04 | noarch | libapache2-mod-php5 | < ilter-5.2.6.dfsg.1-3ubuntu4.2 | UNKNOWN |
| Ubuntu | 9.04 | noarch | php5 | < cgi-5.2.6.dfsg.1-3ubuntu4.2 | UNKNOWN |
| Ubuntu | 9.04 | noarch | php5 | < cli-5.2.6.dfsg.1-3ubuntu4.2 | UNKNOWN |
| Ubuntu | 9.04 | noarch | php5 | < common-5.2.6.dfsg.1-3ubuntu4.2 | UNKNOWN |
| Ubuntu | 9.04 | noarch | php5 | < curl-5.2.6.dfsg.1-3ubuntu4.2 | UNKNOWN |
| Ubuntu | 9.04 | noarch | php5 | < dbg-5.2.6.dfsg.1-3ubuntu4.2 | UNKNOWN |
| Ubuntu | 9.04 | noarch | php5 | < dev-5.2.6.dfsg.1-3ubuntu4.2 | UNKNOWN |
| Ubuntu | 9.04 | noarch | php5 | < gd-5.2.6.dfsg.1-3ubuntu4.2 | UNKNOWN |
References
Related
securityvulns
securityvulns
[USN-824-1] PHP vulnerability
2009-08-25 00:00:00
PHP DoS
2009-08-25 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-824-1)
2009-09-02 00:00:00
Mandrake Security Advisory MDVSA-2009:167 (php)
2009-08-17 00:00:00
PHP 'exif_read_data()' JPEG Image Processing Denial Of Service Vulnerability
2010-04-19 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : php (MDVSA-2009:145)
2009-06-29 00:00:00
PHP < 5.2.10 Multiple Vulnerabilities
2009-06-22 00:00:00
Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : php5 vulnerability (USN-824-1)
2009-08-25 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:37:02
prion
prion
Design/Logic Flaw
2009-08-05 19:30:00
cve
cve
CVE-2009-2687
2009-08-05 19:30:00
ubuntucve
ubuntucve
CVE-2009-2687
2009-08-05 00:00:00
debian
debian
[SECURITY] [DSA-1940-1] New php5 packages fix several issues
2009-11-25 21:48:09
[SECURITY] [DSA-1940-1] New php5 packages fix several issues
2009-11-25 21:48:09
osv
osv
php5 - multiple issues
2009-11-25 00:00:00
oraclelinux
oraclelinux
php security update
2010-01-13 00:00:00
centos
centos
php security update
2010-01-13 22:42:15
redhat
redhat
(RHSA-2010:0040) Moderate: php security update
2010-01-13 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2010-01-05 00:00:00
6.2 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.01 Low
EPSS
Percentile
83.7%
Related for USN-824-1