admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2009/CVE-2009-12xx/CVE-2009-1271.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

186 lines
5.9 KiB
JSON
Raw Blame History

{
"id": "CVE-2009-1271",
"sourceIdentifier": "cve@mitre.org",
"published": "2009-04-08T18:30:00.187",
"lastModified": "2018-10-03T21:59:19.900",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before 5.2.9 allows remote attackers to cause a denial of service (segmentation fault) via a malformed string to the json_decode API function."
},
{
"lang": "es",
"value": "La funci\u00f3n JSON_parser (ext/json/JSON_parser.c) en PHP v5.2.x anteriores a v5.2.9 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (falta de segmentaci\u00f3n) a trav\u00e9s de una cadena formada de forma incorrecta a la funci\u00f3n API json_decode.\r\n"
}
],
"vendorComments": [
{
"organization": "Red Hat",
"comment": "This issue did not affect PHP versions as shipped in Red Hat Enterprise Linux 2.1, 3, 4, and 5, and Red Hat Application Stack v1. PHP version in Red Hat Application Stack v2 was fixed via: https://rhn.redhat.com/errata/RHSA-2009-0350.html",
"lastModified": "2009-04-15T00:00:00"
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:5.2.4:*:windows:*:*:*:*:*",
"matchCriteriaId": "F526115E-A68E-4B10-AA6A-9CD26CB81AF3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0E7E2A-4770-4B68-B74C-5F5A6E1876DC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0892C89E-9389-4452-B7E0-981A763CD426"
}
]
}
]
}
],
"references": [
{
"url": "http://cvs.php.net/viewvc.cgi/php-src/ext/json/JSON_parser.c?r1=1.1.2.14&r2=1.1.2.15",
"source": "cve@mitre.org"
},
{
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html",
"source": "cve@mitre.org"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html",
"source": "cve@mitre.org"
},
{
"url": "http://support.apple.com/kb/HT3865",
"source": "cve@mitre.org"
},
{
"url": "http://www.debian.org/security/2009/dsa-1775",
"source": "cve@mitre.org"
},
{
"url": "http://www.debian.org/security/2009/dsa-1789",
"source": "cve@mitre.org"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:090",
"source": "cve@mitre.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2009/04/01/9",
"source": "cve@mitre.org"
},
{
"url": "http://www.php.net/releases/5_2_9.php",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2009-0350.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.ubuntu.com/usn/USN-761-2",
"source": "cve@mitre.org"
},
{
"url": "https://usn.ubuntu.com/761-1/",
"source": "cve@mitre.org"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html",
"source": "cve@mitre.org"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink