Unrated severityNVD Advisory· Published Apr 8, 2009· Updated Jun 16, 2026
CVE-2009-1271
CVE-2009-1271
Description
The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before 5.2.9 allows remote attackers to cause a denial of service (segmentation fault) via a malformed string to the json_decode API function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.2.4:*:windows:*:*:*:*:*
- cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*
- (no CPE)range: <=5.2.8
Patches
Vulnerability mechanics
References
22- www.php.net/releases/5_2_9.phpnvdVendor Advisory
- cvs.php.net/viewvc.cgi/php-src/ext/json/JSON_parser.cnvd
- lists.apple.com/archives/security-announce/2009/Sep/msg00004.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.htmlnvd
- secunia.com/advisories/34770nvd
- secunia.com/advisories/34830nvd
- secunia.com/advisories/34933nvd
- secunia.com/advisories/35003nvd
- secunia.com/advisories/35007nvd
- secunia.com/advisories/35306nvd
- secunia.com/advisories/35685nvd
- secunia.com/advisories/36701nvd
- support.apple.com/kb/HT3865nvd
- www.debian.org/security/2009/dsa-1775nvd
- www.debian.org/security/2009/dsa-1789nvd
- www.mandriva.com/security/advisoriesnvd
- www.openwall.com/lists/oss-security/2009/04/01/9nvd
- www.redhat.com/support/errata/RHSA-2009-0350.htmlnvd
- www.ubuntu.com/usn/USN-761-2nvd
- usn.ubuntu.com/761-1/nvd
- www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.htmlnvd
News mentions
0No linked articles in our index yet.