7.5
CVE-2009-3292
- EPSS 2.78%
- Veröffentlicht 22.09.2009 10:30:00
- Zuletzt bearbeitet 16.06.2026 23:11:19
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.78% | 0.845 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://marc.info/?l=bugtraq&m=130497311408250&w=2
http://www.php.net/ChangeLog-5.php
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
http://support.apple.com/kb/HT3937
http://www.vupen.com/english/advisories/2009/3184
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
http://marc.info/?l=bugtraq&m=127680701405735&w=2
http://secunia.com/advisories/37482
http://secunia.com/advisories/40262
http://www.debian.org/security/2009/dsa-1940
http://secunia.com/advisories/36791
http://www.php.net/ChangeLog-5.php#5.2.11
http://www.php.net/releases/5_2_11.php
http://www.securitytracker.com/id?1022914
http://news.php.net/php.announce/79
http://secunia.com/advisories/37412
http://www.mandriva.com/security/advisories?name=MDVSA-2009:302
http://www.openwall.com/lists/oss-security/2009/11/20/2
http://www.openwall.com/lists/oss-security/2009/11/20/3
http://www.osvdb.org/58186
http://www.php.net/releases/5_3_1.php
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7652
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9982