The vulnerability of the exif_process_user_comment function (ext/exif/exif.c) in the PHP programming language allows a hacker to cause a service failure.

PHP exif_process_user_comment flaw in ext/exif/exif.c due to pointer arithmetic errors could allow remote service disruption.

Reporter	Title	Published	Views	Family All 134
IBM Security Bulletins	Security Bulletin: Multiple security issues in IBM Tealeaf Customer Experience on Cloud Network Capture Add-On	16 Jun 201820:06	–	ibm
Tenable Nessus	PHP 5.5.x < 5.5.38 / 5.6.x < 5.6.24 / 7.0.x < 7.0.9 Multiple Vulnerabilities	5 Aug 201600:00	–	nessus
Tenable Nessus	Mac OS X 10.x < 10.12 Multiple Vulnerabilities	21 Oct 201600:00	–	nessus
Tenable Nessus	Debian DLA-628-1 : php5 security update	19 Sep 201600:00	–	nessus
Tenable Nessus	Debian DSA-3631-1 : php5 - security update (httpoxy)	27 Jul 201600:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP5 : php (EulerOS-SA-2019-1984)	24 Sep 201900:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP2 : php (EulerOS-SA-2019-2438)	4 Dec 201900:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP3 : php (EulerOS-SA-2019-2649)	18 Dec 201900:00	–	nessus
Tenable Nessus	EulerOS Virtualization 3.0.6.0 : php (EulerOS-SA-2020-1747)	1 Jul 202000:00	–	nessus
Tenable Nessus	FreeBSD : php -- multiple vulnerabilities (b6402385-533b-11e6-a7bd-14dae9d210b8) (httpoxy)	27 Jul 201600:00	–	nessus

Vulners

Node

php_group phpRange<5.5.38

php_group phpRange5.6.0–5.6.24

php_group phpRange7.0–7.0.9

Source	Link
openwall	www.openwall.com/lists/oss-security/2016/07/24/2
php	www.php.net/ChangeLog-7.php
php	www.php.net/ChangeLog-5.php
git	www.git.php.net/
bugs	www.bugs.php.net/72618
securityfocus	www.securityfocus.com/bid/92078
support	www.support.apple.com/HT207170
lists	www.lists.apple.com/archives/security-announce/2016/Sep/msg00006.html
security	www.security.gentoo.org/glsa/201611-22
securitytracker	www.securitytracker.com/id/1036430

21 Apr 2022 00:00Current

7.2High risk

Vulners AI Score7.2

CVSS 36.5

CVSS 27.1

EPSS0.06201