Vulnerability Name:

CVE-2009-3292 (CCN-53336)

Assigned:2009-09-16
Published:2009-09-16
Updated:2018-10-30
Summary:Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing."
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-noinfo
Vulnerability Consequences:Other
References:Source: MITRE
Type: CNA
CVE-2009-3292

Source: APPLE
Type: UNKNOWN
APPLE-SA-2009-11-09-1

Source: SUSE
Type: UNKNOWN
SUSE-SR:2009:017

Source: HP
Type: UNKNOWN
HPSBUX02543

Source: HP
Type: UNKNOWN
SSRT090208

Source: MLIST
Type: UNKNOWN
[php-announce] 20091119 5.3.1 Release announcement

Source: CCN
Type: RHSA-2010-0040
Moderate: php security update

Source: CCN
Type: SA36791
PHP Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
36791

Source: CCN
Type: SA37412
PHP Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
37412

Source: SECUNIA
Type: Vendor Advisory
37482

Source: SECUNIA
Type: Vendor Advisory
40262

Source: CCN
Type: SECTRACK ID: 1022914
PHP Bugs Have Unspecified Impact

Source: CCN
Type: Apple Web site
About Security Update 2009-006 / Mac OS X v10.6.2

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT3937

Source: DEBIAN
Type: UNKNOWN
DSA-1940

Source: DEBIAN
Type: DSA-1940
php5 -- multiple issues

Source: CCN
Type: GLSA-201001-03
PHP: Multiple vulnerabilities

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2009:302

Source: MLIST
Type: UNKNOWN
[oss-security] 20091120 CVE request: php 5.3.1 update

Source: MLIST
Type: UNKNOWN
[oss-security] 20091120 Re: CVE request: php 5.3.1 update

Source: OSVDB
Type: UNKNOWN
58186

Source: CCN
Type: OSVDB ID: 58186
PHP exif Processing Unspecified Issue

Source: CONFIRM
Type: UNKNOWN
http://www.php.net/ChangeLog-5.php

Source: CONFIRM
Type: Vendor Advisory
http://www.php.net/ChangeLog-5.php#5.2.11

Source: CCN
Type: PHP Web site
PHP 5.2.11 Release Announcement

Source: CONFIRM
Type: UNKNOWN
http://www.php.net/releases/5_2_11.php

Source: CONFIRM
Type: UNKNOWN
http://www.php.net/releases/5_3_1.php

Source: CCN
Type: BID-36449
PHP 5.2.10 and Prior Versions Multiple Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1022914

Source: CCN
Type: USN-862-1
php5 vulnerabilities

Source: VUPEN
Type: Vendor Advisory
ADV-2009-3184

Source: XF
Type: UNKNOWN
php-exif-data-unspecified(53336)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:7652

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9982

Source: SUSE
Type: SUSE-SR:2009:017
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:php:php:1.0.0:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:2.0b10:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:3.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:3.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:3.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:3.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:3.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:3.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:3.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:3.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:3.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:3.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:3.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:3.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:3.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:3.0.15:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:3.0.16:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:3.0.17:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:3.0.18:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0:beta3:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0:beta4:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.1:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.1:patch1:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.1:patch2:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.3:patch1:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.4:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.4:patch1:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.5:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.6:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.7:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.7:rc1:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.7:rc2:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.7:rc3:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.7:rc4:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.1.0:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.2:*:dev:*:*:*:*:*
  • OR cpe:/a:php:php:4.2.0:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.2.1:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.2.3:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.0:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.2:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.3:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.4:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.5:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.6:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.7:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.8:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.9:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.10:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.11:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.4.0:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.4.1:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.4.2:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.4.3:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.4.4:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.4.5:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.4.6:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.4.7:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.4.8:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.4.9:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0:rc3:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.0:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.0:beta3:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.0:beta4:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.0:rc3:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.1:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.2:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.3:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.4:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.5:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.1.0:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.1.2:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.1.5:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.2:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.4:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.6:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.7:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.9:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version <= 5.2.10)

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:php:php:5.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.1:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.3:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.2:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.4:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.5:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.6:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.7:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.9:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.10:-:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06:*:lts:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:x86-64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:8.04:*:lts:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:x86_64:*:*:*
  • OR cpe:/o:mandriva:linux:2010:*:*:*:x86_64:*:*:*
  • OR cpe:/o:mandriva:linux:2010:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20093292
    V
    		CVE-2009-3292
    2022-05-20
    oval:org.opensuse.security:def:31224
    P
    		Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)
    2021-07-21
    oval:org.opensuse.security:def:42077
    P
    		Security update for curl (Moderate)
    2021-05-26
    oval:org.opensuse.security:def:31150
    P
    		Security update for xorg-x11-server (Important)
    2021-04-14
    oval:org.opensuse.security:def:31748
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:31356
    P
    		Security update for python (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:35670
    P
    		apache2-mod_php5-5.2.14-0.7.24.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:31448
    P
    		Security update for postgresql-init (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25233
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32596
    P
    		postgresql on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25939
    P
    		Security update for gstreamer-0_10-plugins-base (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31592
    P
    		Security update for tiff (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25425
    P
    		Security update for bluez (Important)
    2020-12-01
    oval:org.opensuse.security:def:31138
    P
    		Security update for lcms
    2020-12-01
    oval:org.opensuse.security:def:25997
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31804
    P
    		Security update for ant (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25563
    P
    		Security update for xrdp (Important)
    2020-12-01
    oval:org.opensuse.security:def:26670
    P
    		apache2-mod_php5 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31892
    P
    		Security update for expat (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25798
    P
    		Security update for flash-player (Critical)
    2020-12-01
    oval:org.opensuse.security:def:25222
    P
    		Security update for java-1_8_0-openjdk (Important)
    2020-12-01
    oval:org.opensuse.security:def:31958
    P
    		Security update for gtk2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25900
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31505
    P
    		Security update for python27 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25297
    P
    		Security update for libX11 (Important)
    2020-12-01
    oval:org.opensuse.security:def:32635
    P
    		apache2-mod_php5 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25953
    P
    		Security update for gcc48 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25506
    P
    		Security update for openexr (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31139
    P
    		Security update for less (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26635
    P
    		quagga on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31853
    P
    		Security update for coreutils (Important)
    2020-12-01
    oval:org.opensuse.security:def:25647
    P
    		Security update for freetype2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25221
    P
    		Security update for sysstat (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31914
    P
    		Security update for gd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25851
    P
    		Security update for freerdp (Moderate)
    2020-12-01
    oval:org.mitre.oval:def:7652
    V
    		HP-UX Running Apache with PHP, Remote Denial of Service (DoS), Unauthorized Access, Privileged Access, Cross Site Scripting (XSS)
    2015-04-20
    oval:org.mitre.oval:def:13706
    P
    		USN-862-1 -- php5 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:13519
    P
    		DSA-1940-1 php5 -- multiple issues
    2014-06-23
    oval:org.mitre.oval:def:7890
    P
    		DSA-1940 php5 -- multiple issues
    2014-06-23
    oval:org.mitre.oval:def:23025
    P
    		ELSA-2010:0040: php security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:21391
    P
    		RHSA-2010:0040: php security update (Moderate)
    2014-02-24
    oval:org.mitre.oval:def:9982
    V
    		Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing."
    2013-04-29
    oval:com.redhat.rhsa:def:20100040
    P
    		RHSA-2010:0040: php security update (Moderate)
    2010-01-13
    oval:org.debian:def:1940
    V
    		multiple issues
    2009-11-25
    BACK
    php php 1.0
    php php 2.0
    php php 2.0b10
    php php 3.0
    php php 3.0.1
    php php 3.0.2
    php php 3.0.3
    php php 3.0.4
    php php 3.0.5
    php php 3.0.6
    php php 3.0.7
    php php 3.0.8
    php php 3.0.9
    php php 3.0.10
    php php 3.0.11
    php php 3.0.12
    php php 3.0.13
    php php 3.0.14
    php php 3.0.15
    php php 3.0.16
    php php 3.0.17
    php php 3.0.18
    php php 4
    php php 4.0
    php php 4.0 beta1
    php php 4.0 beta2
    php php 4.0 beta3
    php php 4.0 beta4
    php php 4.0 beta_4_patch1
    php php 4.0 rc1
    php php 4.0 rc2
    php php 4.0.0
    php php 4.0.1
    php php 4.0.1 patch1
    php php 4.0.1 patch2
    php php 4.0.2
    php php 4.0.3
    php php 4.0.3 patch1
    php php 4.0.4
    php php 4.0.4 patch1
    php php 4.0.5
    php php 4.0.6
    php php 4.0.7
    php php 4.0.7 rc1
    php php 4.0.7 rc2
    php php 4.0.7 rc3
    php php 4.0.7 rc4
    php php 4.1.0
    php php 4.1.1
    php php 4.1.2
    php php 4.2
    php php 4.2.0
    php php 4.2.1
    php php 4.2.2
    php php 4.2.3
    php php 4.3.0
    php php 4.3.1
    php php 4.3.2
    php php 4.3.3
    php php 4.3.4
    php php 4.3.5
    php php 4.3.6
    php php 4.3.7
    php php 4.3.8
    php php 4.3.9
    php php 4.3.10
    php php 4.3.11
    php php 4.4.0
    php php 4.4.1
    php php 4.4.2
    php php 4.4.3
    php php 4.4.4
    php php 4.4.5
    php php 4.4.6
    php php 4.4.7
    php php 4.4.8
    php php 4.4.9
    php php 5
    php php 5.0 rc1
    php php 5.0 rc2
    php php 5.0 rc3
    php php 5.0.0
    php php 5.0.0 beta1
    php php 5.0.0 beta2
    php php 5.0.0 beta3
    php php 5.0.0 beta4
    php php 5.0.0 rc1
    php php 5.0.0 rc2
    php php 5.0.0 rc3
    php php 5.0.1
    php php 5.0.2
    php php 5.0.3
    php php 5.0.4
    php php 5.0.5
    php php 5.1.0
    php php 5.1.1
    php php 5.1.2
    php php 5.1.3
    php php 5.1.4
    php php 5.1.5
    php php 5.1.6
    php php 5.2.0
    php php 5.2.2
    php php 5.2.4
    php php 5.2.6
    php php 5.2.7
    php php 5.2.8
    php php 5.2.9
    php php *
    php php 5.2.0
    php php 5.2.1 -
    php php 5.2.3 -
    php php 5.2.2 -
    php php 5.2.4 -
    php php 5.2.5 -
    php php 5.2.6 -
    php php 5.2.7 -
    php php 5.2.8
    php php 5.2.9 -
    php php 5.2.10 -
    gentoo linux *
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    mandrakesoft mandrake multi network firewall 2.0
    canonical ubuntu 6.06
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 5
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2008.0
    debian debian linux 4.0
    mandrakesoft mandrake linux 2008.0
    mandrakesoft mandrake linux 2008.1 x86_64
    mandrakesoft mandrake linux 2008.1
    canonical ubuntu 8.04
    mandriva linux 2009.0
    mandriva linux 2009.0 -
    debian debian linux 5.0
    apple mac os x 10.5.8
    apple mac os x server 10.5.8
    mandriva enterprise server 5
    mandriva enterprise server 5
    mandriva linux 2010
    mandriva linux 2010