Candidate: CVE-2009-3294
PublicDate: 2009-09-22 10:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3294
 http://www.php.net/ChangeLog-5.php#5.2.11
 http://www.openwall.com/lists/oss-security/2009/09/20/1
Description:
 The popen API function in TSRM/tsrm_win32.c in PHP before 5.2.11 and 5.3.x
 before 5.3.1, when running on certain Windows operating systems, allows
 context-dependent attackers to cause a denial of service (crash) via a
 crafted (1) "e" or (2) "er" string in the second argument (aka mode),
 possibly related to the _fdopen function in the Microsoft C runtime
 library. NOTE: this might not cross privilege boundaries except in rare
 cases in which the mode argument is accessible to an attacker outside of an
 application that uses the popen function.
Ubuntu-Description:
Notes:
 mdeslaur> Windows-only
Bugs:
 http://bugs.php.net/bug.php?id=44683
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_php5:
 upstream: http://svn.php.net/viewvc?view=revision&revision=287779
upstream_php5: released (5.2.11)
dapper_php5: not-affected
hardy_php5: not-affected
intrepid_php5: not-affected
jaunty_php5: not-affected
devel_php5: not-affected