Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2009-4143

PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to (1) interrupt corruption of the SESSION superglobal array and (2) the session.save_path directive.

  • Published: Dec 21, 2009
  • Updated: Apr 13, 2023
  • CVE: CVE-2009-4143
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 10
  • AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
php / php 4.3.9 4.3.9.x
php / php 4.4.9 4.4.9.x
php / php 3.0 3.0.x
php / php 5.2.9 5.2.9.x
php / php 4.0-beta1 4.0-beta1.x
php / php 3.0.5 3.0.5.x
php / php 3.0.11 3.0.11.x
php / php 5.1.5 5.1.5.x
php / php 5.1.2 5.1.2.x
php / php 4.0-beta4 4.0-beta4.x
php / php 4.2.0 4.2.0.x
php / php 5.1.1 5.1.1.x
php / php 3.0.1 3.0.1.x
php / php 3.0.2 3.0.2.x
php / php 4.4.4 4.4.4.x
php / php 5.0.0-beta1 5.0.0-beta1.x
php / php 4.1.0 4.1.0.x
php / php 5.1.6 5.1.6.x
php / php 4.3.4 4.3.4.x
php / php 4.0.4 4.0.4.x
php / php 4.3.0 4.3.0.x
php / php 4.0.5 4.0.5.x
php / php 5.0-rc1 5.0-rc1.x
php / php 5.2.7 5.2.7.x
php / php 5.2.2 5.2.2.x
php / php 3.0.8 3.0.8.x
php / php 5.0.5 5.0.5.x
php / php 4.3.6 4.3.6.x
php / php 3.0.13 3.0.13.x
php / php 5.0.1 5.0.1.x
php / php 4.0.7-rc4 4.0.7-rc4.x
php / php 5.1.4 5.1.4.x
php / php 5.2.5 5.2.5.x
php / php 4.0.7-rc2 4.0.7-rc2.x
php / php 4.3.7 4.3.7.x
php / php 5.0.4 5.0.4.x
php / php 4.0.7-rc1 4.0.7-rc1.x
php / php 4.2.2 4.2.2.x
php / php 4.4.2 4.4.2.x
php / php 4.0-rc1 4.0-rc1.x
php / php 3.0.7 3.0.7.x
php / php 4.3.2 4.3.2.x
php / php 4.3.11 4.3.11.x
php / php 4.0.0 4.0.0.x
php / php 3.0.6 3.0.6.x
php / php 3.0.17 3.0.17.x
php / php 4.0.7 4.0.7.x
php / php 4 4.x
php / php 4.0.2 4.0.2.x
php / php 4.3.3 4.3.3.x
php / php 5.0-rc3 5.0-rc3.x
php / php 2.0 2.0.x
php / php 4.1.1 4.1.1.x
php / php 3.0.15 3.0.15.x
php / php 3.0.16 3.0.16.x
php / php 5.2.6 5.2.6.x
php / php 4.4.3 4.4.3.x
php / php 5.0.0-rc2 5.0.0-rc2.x
php / php 5.2.3 5.2.3.x
php / php 5.0.3 5.0.3.x
php / php 3.0.10 3.0.10.x
php / php 3.0.4 3.0.4.x
php / php 4.2.3 4.2.3.x
php / php 5.1.0 5.1.0.x
php / php - 5.2.11.x
php / php 4.4.5 4.4.5.x
php / php 5.0.0-rc3 5.0.0-rc3.x
php / php 4.0 4.0.x
php / php 4.0-beta2 4.0-beta2.x
php / php 2.0b10 2.0b10.x
php / php 4.4.8 4.4.8.x
php / php 4.0.6 4.0.6.x
php / php 5.2.0 5.2.0.x
php / php 5.0-rc2 5.0-rc2.x
php / php 5.2.4 5.2.4.x
php / php 4.1.2 4.1.2.x
php / php 5.0.0-beta3 5.0.0-beta3.x
php / php 4.0.7-rc3 4.0.7-rc3.x
php / php 4.0-rc2 4.0-rc2.x
php / php 4.3.1 4.3.1.x
php / php 5.1.3 5.1.3.x
php / php 3.0.18 3.0.18.x
php / php 4.0-beta_4_patch1 4.0-beta_4_patch1.x
php / php 4.4.0 4.4.0.x
php / php 5.2.10 5.2.10.x
php / php 4.3.10 4.3.10.x
php / php 4.2.1 4.2.1.x
php / php 5.0.0-rc1 5.0.0-rc1.x
php / php 4.0.1 4.0.1.x
php / php 1.0 1.0.x
php / php 5.0.2 5.0.2.x
php / php 4.4.6 4.4.6.x
php / php 3.0.12 3.0.12.x
php / php 4.4.1 4.4.1.x
php / php 4.0-beta3 4.0-beta3.x
php / php 5.2.1 5.2.1.x
php / php 4.0.3 4.0.3.x
php / php 3.0.14 3.0.14.x
php / php 3.0.9 3.0.9.x
php / php 3.0.3 3.0.3.x
php / php 5.0.0-beta4 5.0.0-beta4.x
php / php 5 5.x
php / php 5.0.0 5.0.0.x
php / php 4.3.8 4.3.8.x
php / php 4.3.5 4.3.5.x
php / php 5.0.0-beta2 5.0.0-beta2.x
php / php 5.2.8 5.2.8.x
php / php 4.4.7 4.4.7.x