CVE-2009-3294

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 22-09-2009 12:30

Last modified: - 01-09-2022 06:32

Total changes: - 2

Description

The popen API function in TSRM/tsrm_win32.c in PHP before 5.2.11 and 5.3.x before 5.3.1, when running on certain Windows operating systems, allows context-dependent attackers to cause a denial of service (crash) via a crafted (1) "e" or (2) "er" string in the second argument (aka mode), possibly related to the _fdopen function in the Microsoft C runtime library. NOTE: this might not cross privilege boundaries except in rare cases in which the mode argument is accessible to an attacker outside of an application that uses the popen function.

Common Vulnerability Scoring System (CVSS)

AV:N/AC:L/Au:N/C:N/I:N/A:P

Low

Attack complexity

Network

Attack vector

Low

Availability

None

Confidentiality

None

Integrity

Privileges required

Scope

User interaction

5.0

Base score

10.0

2.9

Exploitability score

Impact score

Verification logic

Reference

58188-Broken Link
http://www.php.net/releases/5_2_11.php
[oss-security] 20090920 Re: CVE Request -- PHP 5 - 5.2.11-Mailing List, Patch
http://svn.php.net/viewvc?view=revision&revision=287779
http://bugs.php.net/bug.php?id=44683
http://www.php.net/ChangeLog-5.php#5.2.11
[oss-security] 20091120 CVE request: php 5.3.1 update-Mailing List
[oss-security] 20091120 Re: CVE request: php 5.3.1 update-Mailing List
http://www.php.net/ChangeLog-5.php
http://www.php.net/releases/5_3_1.php
[php-announce] 20091119 5.3.1 Release announcement-Vendor Advisory

Keywords

CVE-2009-3294

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2009-3294

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures