Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2009-2626

The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable.

  • Published: Dec 1, 2009
  • Updated: Apr 13, 2023
  • CVE: CVE-2009-2626
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.4
  • AV:N/AC:L/Au:N/C:P/I:N/A:P

No CWE or OWASP classifications available.

Software From Fixed in
php / php 4.3.9 4.3.9.x
php / php 4.4.9 4.4.9.x
php / php 3.0 3.0.x
php / php 5.2.9 5.2.9.x
php / php 4.0-beta1 4.0-beta1.x
php / php 3.0.5 3.0.5.x
php / php 3.0.11 3.0.11.x
php / php 5.1.5 5.1.5.x
php / php 5.1.2 5.1.2.x
php / php 4.0-beta4 4.0-beta4.x
php / php 4.2.0 4.2.0.x
php / php 5.1.1 5.1.1.x
php / php 3.0.1 3.0.1.x
php / php 3.0.2 3.0.2.x
php / php 4.4.4 4.4.4.x
php / php 5.0.0-beta1 5.0.0-beta1.x
php / php 4.1.0 4.1.0.x
php / php 5.1.6 5.1.6.x
php / php 4.3.4 4.3.4.x
php / php 4.0.4 4.0.4.x
php / php 4.3.0 4.3.0.x
php / php 4.0.5 4.0.5.x
php / php 5.0-rc1 5.0-rc1.x
php / php 5.2.7 5.2.7.x
php / php 5.2.2 5.2.2.x
php / php 3.0.8 3.0.8.x
php / php 5.0.5 5.0.5.x
php / php 4.3.6 4.3.6.x
php / php 3.0.13 3.0.13.x
php / php 5.0.1 5.0.1.x
php / php 4.0.7-rc4 4.0.7-rc4.x
php / php 5.1.4 5.1.4.x
php / php 4.0.7-rc2 4.0.7-rc2.x
php / php 4.3.7 4.3.7.x
php / php 5.0.4 5.0.4.x
php / php 4.0.7-rc1 4.0.7-rc1.x
php / php 4.2.2 4.2.2.x
php / php - 5.2.10.x
php / php 4.4.2 4.4.2.x
php / php 4.0-rc1 4.0-rc1.x
php / php 3.0.7 3.0.7.x
php / php 4.3.2 4.3.2.x
php / php 4.3.11 4.3.11.x
php / php 4.0.0 4.0.0.x
php / php 3.0.6 3.0.6.x
php / php 4.0.3-patch1 4.0.3-patch1.x
php / php 3.0.17 3.0.17.x
php / php 4.0.7 4.0.7.x
php / php 4 4.x
php / php 4.0.2 4.0.2.x
php / php 4.3.3 4.3.3.x
php / php 5.0-rc3 5.0-rc3.x
php / php 2.0 2.0.x
php / php 4.1.1 4.1.1.x
php / php 3.0.15 3.0.15.x
php / php 3.0.16 3.0.16.x
php / php 5.2.6 5.2.6.x
php / php 5.3.0 5.3.0.x
php / php 4.4.3 4.4.3.x
php / php 5.0.0-rc2 5.0.0-rc2.x
php / php 5.0.3 5.0.3.x
php / php 3.0.10 3.0.10.x
php / php 3.0.4 3.0.4.x
php / php 4.2.3 4.2.3.x
php / php 5.1.0 5.1.0.x
php / php 4.4.5 4.4.5.x
php / php 4.0.1-patch1 4.0.1-patch1.x
php / php 5.0.0-rc3 5.0.0-rc3.x
php / php 4.0 4.0.x
php / php 4.0-beta2 4.0-beta2.x
php / php 4.0.1-patch2 4.0.1-patch2.x
php / php 2.0b10 2.0b10.x
php / php 4.4.8 4.4.8.x
php / php 4.0.6 4.0.6.x
php / php 5.2.0 5.2.0.x
php / php 5.0-rc2 5.0-rc2.x
php / php 5.2.4 5.2.4.x
php / php 4.1.2 4.1.2.x
php / php 5.0.0-beta3 5.0.0-beta3.x
php / php 4.0.7-rc3 4.0.7-rc3.x
php / php 4.0-rc2 4.0-rc2.x
php / php 4.3.1 4.3.1.x
php / php 5.1.3 5.1.3.x
php / php 3.0.18 3.0.18.x
php / php 4.0-beta_4_patch1 4.0-beta_4_patch1.x
php / php 4.4.0 4.4.0.x
php / php 4.3.10 4.3.10.x
php / php 4.2.1 4.2.1.x
php / php 5.0.0-rc1 5.0.0-rc1.x
php / php 4.0.4-patch1 4.0.4-patch1.x
php / php 4.0.1 4.0.1.x
php / php 1.0 1.0.x
php / php 5.0.2 5.0.2.x
php / php 4.4.6 4.4.6.x
php / php 3.0.12 3.0.12.x
php / php 4.2 4.2.x
php / php 4.4.1 4.4.1.x
php / php 4.0-beta3 4.0-beta3.x
php / php 4.0.3 4.0.3.x
php / php 3.0.14 3.0.14.x
php / php 3.0.9 3.0.9.x
php / php 3.0.3 3.0.3.x
php / php 5.0.0-beta4 5.0.0-beta4.x
php / php 5 5.x
php / php 5.0.0 5.0.0.x
php / php 4.3.8 4.3.8.x
php / php 4.3.5 4.3.5.x
php / php 5.0.0-beta2 5.0.0-beta2.x
php / php 5.2.8 5.2.8.x
php / php 4.4.7 4.4.7.x