CVE-2009-4017

Priority
Description
PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of
temporary files created when handling a multipart/form-data POST request,
which allows remote attackers to cause a denial of service (resource
exhaustion), and makes it easier for remote attackers to exploit local file
inclusion vulnerabilities, via multiple requests, related to lack of
support for the max_file_uploads directive.
Notes
 mdeslaur> introduces a new option
More Information

Updated: 2019-03-19 11:51:24 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)