CVE-2009-4143

Published: Dec 21, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to (1) interrupt corruption of the SESSION superglobal array and (2) the session.save_path directive.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.php.net/releases/5_2_12.php

x_refsource_CONFIRM

40262

third-party-advisory

x_refsource_SECUNIA

37390

vdb-entry

x_refsource_BID

HPSBUX02543

vendor-advisory

x_refsource_HP

37821

third-party-advisory

x_refsource_SECUNIA

38648

third-party-advisory

x_refsource_SECUNIA

APPLE-SA-2010-03-29-1

vendor-advisory

x_refsource_APPLE

41490

third-party-advisory

x_refsource_SECUNIA

HPSBMA02568

vendor-advisory

x_refsource_HP

http://www.php.net/ChangeLog-5.php

x_refsource_CONFIRM

MDVSA-2010:045

vendor-advisory

x_refsource_MANDRIVA

http://support.apple.com/kb/HT4077

x_refsource_CONFIRM

ADV-2009-3593

vdb-entry

x_refsource_VUPEN

DSA-2001

vendor-advisory

x_refsource_DEBIAN

SSRT100219

vendor-advisory

x_refsource_HP

41480

third-party-advisory

x_refsource_SECUNIA

oval:org.mitre.oval:def:7439

vdb-entry

signature

x_refsource_OVAL

SSRT100152

vendor-advisory

x_refsource_HP

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2009-4143

Description

Affected Products

References