Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2009-4017

Опубликовано: 24 нояб. 2009
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5

Описание

PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive.

РелизСтатусПримечание
dapper

released

5.1.2-1ubuntu3.17
devel

released

5.2.11.dfsg.1-2ubuntu1
hardy

released

5.2.4-2ubuntu5.9
intrepid

released

5.2.6-2ubuntu4.5
jaunty

released

5.2.6.dfsg.1-3ubuntu4.4
karmic

released

5.2.10.dfsg.1-2ubuntu6.3
upstream

released

5.3.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 79%
0.01304
Низкий

5 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2009-4017

redhat
больше 15 лет назад

PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive.

nvd логотип

CVE-2009-4017

nvd
больше 15 лет назад

PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive.

debian логотип

CVE-2009-4017

debian
больше 15 лет назад

PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number ...

github логотип

GHSA-79rp-c2fh-g5j7

github
около 3 лет назад

PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive.

oracle-oval логотип

ELSA-2010-0040

oracle-oval
больше 15 лет назад

ELSA-2010-0040: php security update (MODERATE)

EPSS

Процентиль: 79%
0.01304
Низкий

5 Medium

CVSS2