CVE-2016-6292

2016-07-25T14:59:00
ID CVE-2016-6292
Type cve
Reporter cve@mitre.org
Modified 2018-01-05T02:31:00

Description

The exif_process_user_comment function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted JPEG image.