Lucene search
Ubuntu.comUB:CVE-2009-1272HistoryApr 08, 2009 - 12:00 a.m.
CVE-2009-1272
2009-04-0800:00:00
ubuntu.com
ubuntu.com
12
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.016 Low
EPSS
Percentile
87.0%
The php_zip_make_relative_path function in php_zip.c in PHP 5.2.x before
5.2.9 allows context-dependent attackers to cause a denial of service
(crash) via a ZIP file that contains filenames with relative paths, which
is not properly handled during extraction.
Notes
| Author | Note |
|---|---|
| mdeslaur | this is caused by an incomplete fix for CVE-2008-5658. our patch was complete, so we’re not affected |
Related
veracode
veracode
Directory Traversal
2020-04-10 00:31:23
cve
cve
CVE-2008-5658
2008-12-17 20:30:00
CVE-2009-1272
2009-04-08 18:30:00
ubuntucve
ubuntucve
CVE-2008-5658
2008-12-17 00:00:00
prion
prion
Directory traversal
2008-12-17 20:30:00
Input validation
2009-04-08 18:30:00
openvas
openvas
PHP DoS Vulnerability (Apr 2009)
2009-04-23 00:00:00
SLES10: Security update for PHP5
2009-10-13 00:00:00
SLES10: Security update for PHP5
2009-10-13 00:00:00
nessus
nessus
SuSE 10 Security Update : PHP5 (ZYPP Patch Number 5909)
2009-09-24 00:00:00
openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-441)
2009-07-21 00:00:00
openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-441)
2009-07-21 00:00:00
osv
osv
php5 - multiple issues
2009-11-25 00:00:00
php5 - several vulnerabilities
2009-05-04 00:00:00
debian
debian
[SECURITY] [DSA-1940-1] New php5 packages fix several issues
2009-11-25 21:48:09
[SECURITY] [DSA-1940-1] New php5 packages fix several issues
2009-11-25 21:48:09
[SECURITY] [DSA 1789-1] New php5 packages fix several vulnerabilities
2009-05-04 20:57:57
securityvulns
securityvulns
redhat
redhat
(RHSA-2009:0350) Moderate: php security update
2009-04-14 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: maniadrive-1.2-13.fc10
2009-05-30 02:34:40
[SECURITY] Fedora 10 Update: php-5.2.9-2.fc10
2009-05-30 02:34:40
[SECURITY] Fedora 9 Update: php-5.2.9-2.fc9
2009-05-30 02:38:47
ubuntu
ubuntu
PHP vulnerabilities
2009-02-12 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2010-01-05 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.016 Low
EPSS
Percentile
87.0%
Related for UB:CVE-2009-1272