exploit the possibilities
Showing 1 - 5 of 5 RSS Feed

CVE-2009-2687

Status Candidate

Overview

The exif_read_data function in the Exif module in PHP before 5.2.10 allows remote attackers to cause a denial of service (crash) via a malformed JPEG image with invalid offset fields, a different issue than CVE-2005-3353.

Related Files

HP Security Bulletin HPSBUX02543 SSRT100152
Posted Jun 19, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running Apache with PHP. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) gain unauthorized access, and perform cross site scripting (XSS).

tags | advisory, denial of service, php, vulnerability, xss
systems | hpux
advisories | CVE-2009-2687, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3557, CVE-2009-4017, CVE-2009-4018, CVE-2009-4142, CVE-2009-4143
MD5 | fb8a1ed6738fc28c3bf409677d0e6489
Gentoo Linux Security Advisory 201001-3
Posted Jan 5, 2010
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201001-3 - Multiple vulnerabilities were found in PHP, the worst of which leading to the remote execution of arbitrary code. Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below and the associated PHP release notes for details. Versions less than 5.2.12 are affected.

tags | advisory, remote, arbitrary, php, vulnerability
systems | linux, gentoo
advisories | CVE-2008-5498, CVE-2008-5514, CVE-2008-5557, CVE-2008-5624, CVE-2008-5625, CVE-2008-5658, CVE-2008-5814, CVE-2008-5844, CVE-2008-7002, CVE-2009-0754, CVE-2009-1271, CVE-2009-1272, CVE-2009-2626, CVE-2009-2687, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3546
MD5 | 712336a63c0cc0a0608bdcf2ae90dee2
Mandriva Linux Security Advisory 2009-324
Posted Dec 7, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-324 - Multiple vulnerabilities was discovered and corrected in php. Packages for 2008.0 are being provided due to extended support for Corporate products. This update provides a solution to these vulnerabilities.

tags | advisory, php, vulnerability
systems | linux, mandriva
advisories | CVE-2008-7068, CVE-2009-1271, CVE-2009-2687, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3546, CVE-2009-3557, CVE-2009-3558, CVE-2009-4017, CVE-2009-4018
MD5 | a89c4f4f4309a00aad6d14aaf7b52bda
Debian Linux Security Advisory 1940-1
Posted Nov 27, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1940-1 - Several remote vulnerabilities have been discovered in the PHP 5 hypertext preprocessor.

tags | advisory, remote, php, vulnerability
systems | linux, debian
advisories | CVE-2009-2626, CVE-2009-2687, CVE-2009-3291, CVE-2009-3292
MD5 | b2fb41b3070c564c6d204476172d0ad2
Ubuntu Security Notice 824-1
Posted Aug 25, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-824-1 - It was discovered that PHP did not properly handle certain malformed JPEG images when being parsed by the Exif module. A remote attacker could exploit this flaw and cause the PHP server to crash, resulting in a denial of service.

tags | advisory, remote, denial of service, php
systems | linux, ubuntu
advisories | CVE-2009-2687
MD5 | 39285f7b0238e8c5fcefa5d2341f68c4
Page 1 of 1
Back1Next

File Archive:

November 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    19 Files
  • 2
    Nov 2nd
    25 Files
  • 3
    Nov 3rd
    8 Files
  • 4
    Nov 4th
    7 Files
  • 5
    Nov 5th
    24 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    106 Files
  • 11
    Nov 11th
    19 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    12 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    12 Files
  • 19
    Nov 19th
    4 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    14 Files
  • 24
    Nov 24th
    19 Files
  • 25
    Nov 25th
    4 Files
  • 26
    Nov 26th
    1 Files
  • 27
    Nov 27th
    4 Files
  • 28
    Nov 28th
    1 Files
  • 29
    Nov 29th
    11 Files
  • 30
    Nov 30th
    7 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close