CVE-2009-1271

Published: 08 April 2009

The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before 5.2.9 allows remote attackers to cause a denial of service (segmentation fault) via a malformed string to the json_decode API function.

Priority

Medium

Status

Package Release Status
php-json-ext
Launchpad, Ubuntu, Debian
Upstream
Released (5.2.9)
php5
Launchpad, Ubuntu, Debian
Upstream
Released (5.2.9)
Patches:
Upstream: http://cvs.php.net/viewvc.cgi/php-src/ext/json/JSON_parser.c?r1=1.1.2.14&r2=1.1.2.15