CVE-2009-3293

critical

Description

Unspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect "sanity check for the color index."

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7047

http://www.vupen.com/english/advisories/2009/3184

http://www.securitytracker.com/id?1022914

http://www.php.net/releases/5_2_11.php

http://www.php.net/ChangeLog-5.php#5.2.11

http://www.osvdb.org/58187

http://support.apple.com/kb/HT3937

http://secunia.com/advisories/40262

http://secunia.com/advisories/36791

http://marc.info/?l=bugtraq&m=130497311408250&w=2

http://marc.info/?l=bugtraq&m=127680701405735&w=2

http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html

http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html

Details

Source: Mitre, NVD

Published: 2009-09-22

Updated: 2018-10-30

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

Detections

Analytics