| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-4017 | 5.0 |
PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier f
|
15-02-2024 - 21:16 | 24-11-2009 - 00:30 | |
| CVE-2009-2687 | 4.3 |
The exif_read_data function in the Exif module in PHP before 5.2.10 allows remote attackers to cause a denial of service (crash) via a malformed JPEG image with invalid offset fields, a different issue than CVE-2005-3353.
|
19-01-2023 - 16:38 | 05-08-2009 - 19:30 | |
| CVE-2009-2626 | 6.4 |
The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a varia
|
30-10-2018 - 16:26 | 01-12-2009 - 16:30 | |
| CVE-2009-3291 | 7.5 |
The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates.
|
30-10-2018 - 16:26 | 22-09-2009 - 10:30 | |
| CVE-2009-3292 | 7.5 |
Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing."
|
30-10-2018 - 16:26 | 22-09-2009 - 10:30 |