admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-30 02:00:53 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2009/CVE-2009-12xx/CVE-2009-1271.json

218 lines
6.7 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2009-1271",
"sourceIdentifier": "cve@mitre.org",
"published": "2009-04-08T18:30:00.187",
"lastModified": "2018-10-03T21:59:19.900",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before 5.2.9 allows remote attackers to cause a denial of service (segmentation fault) via a malformed string to the json_decode API function."
},
{
"lang": "es",
"value": "La funci\u00f3n JSON_parser (ext/json/JSON_parser.c) en PHP v5.2.x anteriores a v5.2.9 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (falta de segmentaci\u00f3n) a trav\u00e9s de una cadena formada de forma incorrecta a la funci\u00f3n API json_decode.\r\n"
}
],
"vendorComments": [
{
"organization": "Red Hat",
"comment": "This issue did not affect PHP versions as shipped in Red Hat Enterprise Linux 2.1, 3, 4, and 5, and Red Hat Application Stack v1. PHP version in Red Hat Application Stack v2 was fixed via: https://rhn.redhat.com/errata/RHSA-2009-0350.html",
"lastModified": "2009-04-15T00:00:00"
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:5.2.4:*:windows:*:*:*:*:*",
"matchCriteriaId": "F526115E-A68E-4B10-AA6A-9CD26CB81AF3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0E7E2A-4770-4B68-B74C-5F5A6E1876DC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0892C89E-9389-4452-B7E0-981A763CD426"
}
]
}
]
}
],
"references": [
{
"url": "http://cvs.php.net/viewvc.cgi/php-src/ext/json/JSON_parser.c?r1=1.1.2.14&r2=1.1.2.15",
"source": "cve@mitre.org"
},
{
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html",
"source": "cve@mitre.org"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html",
"source": "cve@mitre.org"
},
Auto-Update: 2024-04-04T08:42:25.815847+00:00
2024-04-04 08:46:00 +00:00
{
"url": "http://secunia.com/advisories/34770",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/34830",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/34933",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/35003",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/35007",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/35306",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/35685",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/36701",
"source": "cve@mitre.org"
},
bootstrap
2023-04-24 12:24:31 +02:00
{
"url": "http://support.apple.com/kb/HT3865",
"source": "cve@mitre.org"
},
{
"url": "http://www.debian.org/security/2009/dsa-1775",
"source": "cve@mitre.org"
},
{
"url": "http://www.debian.org/security/2009/dsa-1789",
"source": "cve@mitre.org"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:090",
"source": "cve@mitre.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2009/04/01/9",
"source": "cve@mitre.org"
},
{
"url": "http://www.php.net/releases/5_2_9.php",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2009-0350.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.ubuntu.com/usn/USN-761-2",
"source": "cve@mitre.org"
},
{
"url": "https://usn.ubuntu.com/761-1/",
"source": "cve@mitre.org"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html",
"source": "cve@mitre.org"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue Copy Permalink