Orange Business Services
Vigil@nce Vigil@nce Vigil@nce
we track for your security since 1999
 home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access
Vigil@nce team describes computer vulnerabilities impacting your systems, and offers solutions to correct them.
recent vulnerabilities recent vulnerabilities
tracked products tracked products
RSS feed RSS feed
vulnerability

vulnerability bulletin CVE-2009-2687

PHP: several vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of PHP in order to create a denial of service or to execute code.
Severity: 2/4.
Creation date: 19/06/2009.

Description of the vulnerability

Several vulnerabilities were announced in PHP 5.

A JPEG image containing malicious EXIF data generates a memory corruption in the exif_read_data() function. [severity:2/4; 48378, BID-35440, CVE-2009-2687, >]

Under Windows, a script can execute all commands (despite the "Safe Mode") by prefixing them by a '\' character. [severity:2/4; 45997, BID-35435, >]

These vulnerabilities are local or remote depending on the context.

Complete Vigil@nce bulletin

Access to the complete Vigil@nce bulletin

Characteristics

Title: PHP: several vulnerabilities.
Keywords: 45997 48378 EXIF JPEG Mode PHP Safe Windows exif_read_data several vulnerabilities.
Identifiers: 45997, 48378, BID-35435, BID-35440, c02247738, CVE-2009-2687, DSA-1940-1, HPSBUX02543, MDVSA-2009:145, MDVSA-2009:167, MDVSA-2009:324, RHSA-2009:1461-01, RHSA-2010:0040-01, SSRT100152, SUSE-SR:2009:017, SUSE-SR:2010:005, VIGILANCE-VUL-8808.

Information sources

Publications and announces
Source example: PHP 5 ChangeLog Version 5.2.10

Solutions for this vulnerability

Patch or workaround

Supplements

Vulnerability : exif_read_data

A JPEG image containing malicious EXIF data generates a memory corruption in the exif_read_data() function.
Severity: 2/4.
Identifiers: 48378, BID-35440, CVE-2009-2687.
Publications and announces
Source example: Bug #48378 - exif_read_data() segfaults on certain corrupted .jpeg files

Vulnerability : exec/system/passthru

Under Windows, a script can execute all commands (despite the "Safe Mode") by prefixing them by a '\' character.
Severity: 2/4.
Identifiers: 45997, BID-35435.
Publications and announces
Source example: Bug #45997 - safe_mode bypass

Attack

Exploit 0day or proof of concept

Computer vulnerabilities tracking service

The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Computer applications vulnerability



















France Télécom Copyright 1999-2010 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française