Sunday, September 27, 2009

CERT-In Advisory CIAD-2009-44

Multiple Vulnerabilities in PHP
http://www.cert-in.org.in/advisory/ciad-2009-44.htm
Original Issue Date: September 25, 2009

Severity Rating: High

System Affected

PHP versions prior to 5.2.11

Overview

Multiple vulnerabilities have been reported in PHP before 5.2.11, which
could allow a remote attacker to bypass certain security restrictions,
disclose potentially sensitive information, cause denial of service
conditions, conduct spoofing attacks, execute arbitrary code, or
potentially compromise an affected system.

Description

1. Certificate Validation Vulnerability (CVE-2009-3291)

This vulnerability is caused by improper certificate validation. A
remote attacker could exploit this vulnerability by spoofing certificates.
Successful exploitation of this vulnerability could allow a remote attacker
to execute arbitrary code.

2. 'exif' Input Validation Vulnerability (CVE-2009-3292)

This vulnerability is caused by missing sanity checks around exif
processing.

3. 'imagecolortransparent()' Input Validation Vulnerability
    (CVE-2009-3293)

This vulnerability is caused by an incorrect sanity check for the color
index in the imagecolortransparent() function.

4. tsrm_win32.c 'popen()' Denial of Service Vulnerability
    (CVE-2009-3294)

This vulnerability exists in the popen API function in TSRM/tsrm_win32.c in
PHP before 5.2.11, when running on certain Windows operating systems. A
context-dependent attacker could exploit this vulnerability to cause a
denial of service via a crafted (1) "e" or (2) "er" string in the second
argument (aka mode argument).

Solution

Upgrade to PHP Version 5.2.11 or later
http://www.php.net/releases/5_2_11.php

Vendor Information

PHP
http://www.php.net/releases/5_2_11.php

References

PHP
http://www.php.net/releases/5_2_11.php

Secunia
http://secunia.com/advisories/36791

ISS X Force
http://xforce.iss.net/xforce/xfdb/53334

SecurityLab
http://en.securitylab.ru/nvd/385738.php

CVE Name
CVE-2009-3291
CVE-2009-3292
CVE-2009-3293
CVE-2009-3294

CWE Name
CWE-20
CWE-134

Disclaimer

The information provided herein is on an "as is" basis, without warranty of
any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003

 

Note: Please do not reply to this e-mail. For further queries contact
CERT-In Information Desk. Email: info@cert-in.org.in


