Your submission was sent successfully! Close

CVE-2009-2687

Published: 5 August 2009

The exif_read_data function in the Exif module in PHP before 5.2.10 allows remote attackers to cause a denial of service (crash) via a malformed JPEG image with invalid offset fields, a different issue than CVE-2005-3353.

Priority

Medium

Status

Package Release Status
php4
Launchpad, Ubuntu, Debian
dapper Ignored
(reached end-of-life)
hardy Does not exist

intrepid Does not exist

jaunty Does not exist

karmic Does not exist

upstream Needs triage

php5
Launchpad, Ubuntu, Debian
dapper
Released (5.1.2-1ubuntu3.15)
hardy
Released (5.2.4-2ubuntu5.7)
intrepid
Released (5.2.6-2ubuntu4.3)
jaunty
Released (5.2.6.dfsg.1-3ubuntu4.2)
karmic Not vulnerable
(5.2.10.dfsg.1-2ubuntu1)
upstream
Released (5.2.10.dfsg.1-1)