CVE: CVE-2009-4017

Export to Word

PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive.

Threat-Mapped Scoring

Score: 1.9

Priority: P3 - Important (Medium)

S9 – Sabotage of System/App
S10 – Denial of Service (+0.1 bonus)

EPSS

Score: 0.01304
Percentile: 0.78872

CVSS Scoring

CVSS v2 Score: 5.0

Severity:

Mapped CWE(s)

CWE-770 : Allocation of Resources Without Limits or Throttling

All CAPEC(s)

CAPEC-125: Flooding
CAPEC-130: Excessive Allocation
CAPEC-147: XML Ping of the Death
CAPEC-197: Exponential Data Expansion
CAPEC-229: Serialized Data Parameter Blowup
CAPEC-230: Serialized Data with Nested Payloads
CAPEC-231: Oversized Serialized Data Payloads
CAPEC-469: HTTP DoS
CAPEC-482: TCP Flood
CAPEC-486: UDP Flood
CAPEC-487: ICMP Flood
CAPEC-488: HTTP Flood
CAPEC-489: SSL Flood
CAPEC-490: Amplification
CAPEC-491: Quadratic Data Expansion
CAPEC-493: SOAP Array Blowup
CAPEC-494: TCP Fragmentation
CAPEC-495: UDP Fragmentation
CAPEC-496: ICMP Fragmentation
CAPEC-528: XML Flood

CAPEC(s) with Mapped TTPs

CAPEC-125: Flooding
Mapped TTPs:
- T1498.001 : Direct Network Flood
- T1499 : Endpoint Denial of Service
CAPEC-130: Excessive Allocation
Mapped TTPs:
- T1499.003 : Application Exhaustion Flood
CAPEC-469: HTTP DoS
Mapped TTPs:
- T1499.002 : Service Exhaustion Flood
CAPEC-482: TCP Flood
Mapped TTPs:
- T1498.001 : Direct Network Flood
- T1499.001 : OS Exhaustion Flood
- T1499.002 : Service Exhaustion Flood
CAPEC-488: HTTP Flood
Mapped TTPs:
- T1499.002 : Service Exhaustion Flood
CAPEC-489: SSL Flood
Mapped TTPs:
- T1499.002 : Service Exhaustion Flood
CAPEC-490: Amplification
Mapped TTPs:
- T1498.002 : Reflection Amplification
CAPEC-528: XML Flood
Mapped TTPs:
- T1499.002 : Service Exhaustion Flood
- T1498.001 : Direct Network Flood

Mapped ATT&CK TTPs

T1498.001 : Direct Network Flood
Kill Chain: impact
T1499 : Endpoint Denial of Service
Kill Chain: impact
T1499.003 : Application Exhaustion Flood
Kill Chain: impact
T1499.002 : Service Exhaustion Flood
Kill Chain: impact
T1498.001 : Direct Network Flood
Kill Chain: impact
T1499.001 : OS Exhaustion Flood
Kill Chain: impact
T1499.002 : Service Exhaustion Flood
Kill Chain: impact
T1499.002 : Service Exhaustion Flood
Kill Chain: impact
T1499.002 : Service Exhaustion Flood
Kill Chain: impact
T1498.002 : Reflection Amplification
Kill Chain: impact
T1499.002 : Service Exhaustion Flood
Kill Chain: impact
T1498.001 : Direct Network Flood
Kill Chain: impact

Malware

APTs Threat Group Associations

Sandworm Team

Campaigns

Affected Products

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.0:-:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.0:alpha3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.0:beta1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.0:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.0:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.0:rc3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.0:rc4:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*

← Back to Home