Lucene search

K
freebsdFreeBSDCC3BFEC6-56CD-11E0-9668-001FD0D616CF
HistoryMar 20, 2011 - 12:00 a.m.

php -- crash on crafted tag in exif

2011-03-2000:00:00
vuxml.freebsd.org
19

0.066 Low

EPSS

Percentile

93.7%

US-CERT/NIST reports:

exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms
performs an incorrect cast, which allows remote attackers to cause a
denial of service (application crash) via an image with a crafted
Image File Directory (IFD) that triggers a buffer over-read.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchphp5-exif< 5.3.6UNKNOWN