CVE-2009-2687

Published: Aug 5, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

The exif_read_data function in the Exif module in PHP before 5.2.10 allows remote attackers to cause a denial of service (crash) via a malformed JPEG image with invalid offset fields, a different issue than CVE-2005-3353.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

USN-824-1

vendor-advisory

x_refsource_UBUNTU

37482

third-party-advisory

x_refsource_SECUNIA

40262

third-party-advisory

x_refsource_SECUNIA

http://bugs.php.net/bug.php?id=48378

x_refsource_CONFIRM

HPSBUX02543

vendor-advisory

x_refsource_HP

MDVSA-2009:145

vendor-advisory

x_refsource_MANDRIVA

ADV-2009-1632

vdb-entry

x_refsource_VUPEN

oval:org.mitre.oval:def:6655

vdb-entry

signature

x_refsource_OVAL

36462

third-party-advisory

x_refsource_SECUNIA

DSA-1940

vendor-advisory

x_refsource_DEBIAN

55222

vdb-entry

x_refsource_OSVDB

oval:org.mitre.oval:def:10695

vdb-entry

signature

x_refsource_OVAL

35441

third-party-advisory

x_refsource_SECUNIA

MDVSA-2009:167

vendor-advisory

x_refsource_MANDRIVA

35440

vdb-entry

x_refsource_BID

php-exifreaddata-dos(51253)

vdb-entry

x_refsource_XF

SSRT100152

vendor-advisory

x_refsource_HP

SUSE-SR:2009:017

vendor-advisory

x_refsource_SUSE

http://www.php.net/releases/5_2_10.php

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2009-2687

Description

Affected Products

References