|
|
PHP 'exif_read_data()' JPEG Image Processing Denial Of Service Vulnerability
|
Bugtraq ID:
|
35440
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
CVE-2009-2687
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Jun 18 2009 12:00AM
|
|
Updated:
|
Nov 24 2009 11:55PM
|
|
Credit:
|
PHP
|
|
Vulnerable:
|
Ubuntu Ubuntu Linux 9.04 sparc
Ubuntu Ubuntu Linux 9.04 powerpc
Ubuntu Ubuntu Linux 9.04 lpia
Ubuntu Ubuntu Linux 9.04 i386
Ubuntu Ubuntu Linux 9.04 amd64
Ubuntu Ubuntu Linux 8.10 sparc
Ubuntu Ubuntu Linux 8.10 powerpc
Ubuntu Ubuntu Linux 8.10 lpia
Ubuntu Ubuntu Linux 8.10 i386
Ubuntu Ubuntu Linux 8.10 amd64
Ubuntu Ubuntu Linux 8.04 LTS sparc
Ubuntu Ubuntu Linux 8.04 LTS powerpc
Ubuntu Ubuntu Linux 8.04 LTS lpia
Ubuntu Ubuntu Linux 8.04 LTS i386
Ubuntu Ubuntu Linux 8.04 LTS amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
S.u.S.E. SUSE Linux Enterprise Server 11
+
Linux kernel 2.6.5
S.u.S.E. SUSE Linux Enterprise Server 10 SP3
S.u.S.E. SUSE Linux Enterprise Server 10 SP2
S.u.S.E. SUSE Linux Enterprise Desktop 10 SP3
S.u.S.E. SUSE Linux Enterprise Desktop 10 SP2
S.u.S.E. SLE 11
S.u.S.E. openSUSE 11.1
S.u.S.E. openSUSE 11.0
S.u.S.E. openSUSE 10.3
RedHat Application Stack v2 0
PHP PHP 5.2.9 -2
PHP PHP 5.2.9
PHP PHP 5.2.8
PHP PHP 5.2.7
PHP PHP 5.2.6
PHP PHP 5.2.5
PHP PHP 5.2.4
PHP PHP 5.2.3
PHP PHP 5.2.2
PHP PHP 5.2.1
+
Ubuntu Ubuntu Linux 7.04 sparc
+
Ubuntu Ubuntu Linux 7.04 powerpc
+
Ubuntu Ubuntu Linux 7.04 i386
+
Ubuntu Ubuntu Linux 7.04 amd64
PHP PHP 5.2
+
Debian Linux 4.0 sparc
+
Debian Linux 4.0 s/390
+
Debian Linux 4.0 powerpc
+
Debian Linux 4.0 mipsel
+
Debian Linux 4.0 mips
+
Debian Linux 4.0 m68k
+
Debian Linux 4.0 ia-64
+
Debian Linux 4.0 ia-32
+
Debian Linux 4.0 hppa
+
Debian Linux 4.0 arm
+
Debian Linux 4.0 amd64
+
Debian Linux 4.0 alpha
+
Debian Linux 4.0
Pardus Linux 2008 0
MandrakeSoft Linux Mandrake 2009.1 x86_64
MandrakeSoft Linux Mandrake 2009.1
MandrakeSoft Linux Mandrake 2009.0 x86_64
MandrakeSoft Linux Mandrake 2009.0
MandrakeSoft Linux Mandrake 2008.1 x86_64
MandrakeSoft Linux Mandrake 2008.1
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 4.0
|
|
|
|
Not Vulnerable:
|
PHP PHP 5.2.10
|
|
|
