PT-2009-5605 · Php+2 · Php+2
Published
2009-09-22
·
Updated
2018-10-30
·
CVE-2009-3292
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
PHP versions prior to 5.2.11
PHP versions 5.3.x prior to 5.3.1
Description
The issue is related to missing sanity checks around exif processing, which has unknown impact and attack vectors.
Recommendations
For PHP versions prior to 5.2.11, update to version 5.2.11 or later.
For PHP versions 5.3.x prior to 5.3.1, update to version 5.3.1 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Hp-Ux
Php
Red Hat