CVE-2009-4418

Impact:
Low
Public Date:
2009-11-05
Bugzilla:
550387: CVE-2009-4418 php: DoS via unserialize

The MITRE CVE dictionary describes this issue as:

The unserialize function in PHP 5.3.0 and earlier allows context-dependent attackers to cause a denial of service (resource consumption) via a deeply nested serialized variable, as demonstrated by a string beginning with a:1: followed by many {a:1: sequences.

Find out more about CVE-2009-4418 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Red Hat does not consider this to be a security flaw. For further details, see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-4418

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.