CVE-2009-4143
N/A
N/A
Summary
PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to (1) interrupt corruption of the SESSION superglobal array and (2) the session.save_path directive.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.php.net/releases/5_2_12.php
- http://secunia.com/advisories/40262
- http://www.securityfocus.com/bid/37390
- http://marc.info/?l=bugtraq&m=127680701405735&w=2
- http://secunia.com/advisories/37821
- http://secunia.com/advisories/38648
- http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
- http://secunia.com/advisories/41490
- http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995
- http://www.php.net/ChangeLog-5.php
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:045
- http://support.apple.com/kb/HT4077
- http://www.vupen.com/english/advisories/2009/3593
- http://www.debian.org/security/2010/dsa-2001
- http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995
- http://secunia.com/advisories/41480
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7439
- http://marc.info/?l=bugtraq&m=127680701405735&w=2
References
- http://www.php.net/releases/5_2_12.php
- http://secunia.com/advisories/40262
- http://www.securityfocus.com/bid/37390
- http://marc.info/?l=bugtraq&m=127680701405735&w=2
- http://secunia.com/advisories/37821
- http://secunia.com/advisories/38648
- http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
- http://secunia.com/advisories/41490
- http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995
- http://www.php.net/ChangeLog-5.php
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:045
- http://support.apple.com/kb/HT4077
- http://www.vupen.com/english/advisories/2009/3593
- http://www.debian.org/security/2010/dsa-2001
- http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995
- http://secunia.com/advisories/41480
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7439
- http://marc.info/?l=bugtraq&m=127680701405735&w=2
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.