CVE-2009-1272 : The php_zip_make_relative_path function in php

The php_zip_make_relative_path function in php_zip.c in PHP 5.2.x before 5.2.9 allows context-dependent attackers to cause a denial of service (crash) via a ZIP file that contains filenames with relative paths, which is not properly handled during extraction.

Published 2009-04-08 18:30:00

Updated 2009-09-16 05:30:35

Source MITRE

View at NVD, CVE.org

Vulnerability category: Input validationDenial of service

Products affected by CVE-2009-1272

PHP » PHP » Version: 5.2.0
cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*
Matching versions
PHP » PHP » Version: 5.2.8
cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*
Matching versions
PHP » PHP » Version: 5.2.3
cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*
Matching versions
PHP » PHP » Version: 5.2.4 Windows Edition
cpe:2.3:a:php:php:5.2.4:*:windows:*:*:*:*:*
Matching versions
PHP » PHP » Version: 5.2.4
cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*
Matching versions
PHP » PHP » Version: 5.2.6
cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*
Matching versions
PHP » PHP » Version: 5.2.7
cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*
Matching versions
PHP » PHP » Version: 5.2.1
cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*
Matching versions
PHP » PHP » Version: 5.2.5
cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*
Matching versions
PHP » PHP » Version: 5.2.2
cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2009-1272

Top countries where our scanners detected CVE-2009-1272

Top open port discovered on systems with this issue 80

IPs affected by CVE-2009-1272 14,160

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2009-1272!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2009-1272

EPSS FAQ

2.17%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 83 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2009-1272

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

CWE ids for CVE-2009-1272

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: nvd@nist.gov (Primary)

Vendor statements for CVE-2009-1272

Red Hat 2009-04-15

Not vulnerable. This issue did not affect PHP versions as shipped in Red Hat Enterprise Linux 2.1, 3, 4, and 5, and Red Hat Application Stack v1 and v2. This problem was introduced in the fix for CVE-2008-5658. Patch for CVE-2008-5658 as used in Red Hat Application Stack v2 also includes the fix for this crash too.

References for CVE-2009-1272

http://cvs.php.net/viewvc.cgi/php-src/ext/zip/php_zip.c?r1=1.1.2.48&r2=1.1.2.49
http://www.openwall.com/lists/oss-security/2009/04/01/9

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html

[security-announce] SUSE Security Summary Report: SUSE-SR:2009:012 - openSUSE Security Announce - openSUSE Mailing Lists

CVEs referencing this url
http://www.openwall.com/lists/oss-security/2009/04/09/1
http://www.php.net/releases/5_2_9.php

Vendor Advisory

CVEs referencing this url
http://support.apple.com/kb/HT3865

About Security Update 2009-005 - Apple Support

CVEs referencing this url
http://marc.info/?l=bugtraq&m=125017764422557&w=2

'[security bulletin] HPSBMA02447 SSRT090062 rev.1 - Insight Control Suite For Linux (ICE-LX) Cross Si' - MARC

CVEs referencing this url
http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html

CVEs referencing this url

Jump to