Lucene search

[email protected]NVD:CVE-2011-0708

HistoryMar 20, 2011 - 2:00 a.m.

CVE-2011-0708

2011-03-2002:00:03

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

9.1

Confidence

High

EPSS

0.082

Percentile

94.4%

JSON

exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.

Affected configurations

Nvd

Node

phpphpRange≤5.3.5

phpphpMatch1.0

phpphpMatch2.0

phpphpMatch2.0b10

phpphpMatch3.0

phpphpMatch3.0.1

phpphpMatch3.0.2

phpphpMatch3.0.3

phpphpMatch3.0.4

phpphpMatch3.0.5

phpphpMatch3.0.6

phpphpMatch3.0.7

phpphpMatch3.0.8

phpphpMatch3.0.9

phpphpMatch3.0.10

phpphpMatch3.0.11

phpphpMatch3.0.12

phpphpMatch3.0.13

phpphpMatch3.0.14

phpphpMatch3.0.15

phpphpMatch3.0.16

phpphpMatch3.0.17

phpphpMatch3.0.18

phpphpMatch4.0

phpphpMatch4.0beta_4_patch1

phpphpMatch4.0beta1

phpphpMatch4.0beta2

phpphpMatch4.0beta3

phpphpMatch4.0beta4

phpphpMatch4.0.0

phpphpMatch4.0.1

phpphpMatch4.0.2

phpphpMatch4.0.3

phpphpMatch4.0.4

phpphpMatch4.0.5

phpphpMatch4.0.6

phpphpMatch4.0.7

phpphpMatch4.1.0

phpphpMatch4.1.1

phpphpMatch4.1.2

phpphpMatch4.2.0

phpphpMatch4.2.1

phpphpMatch4.2.2

phpphpMatch4.2.3

phpphpMatch4.3.0

phpphpMatch4.3.1

phpphpMatch4.3.2

phpphpMatch4.3.3

phpphpMatch4.3.4

phpphpMatch4.3.5

phpphpMatch4.3.6

phpphpMatch4.3.7

phpphpMatch4.3.8

phpphpMatch4.3.9

phpphpMatch4.3.10

phpphpMatch4.3.11

phpphpMatch4.4.0

phpphpMatch4.4.1

phpphpMatch4.4.2

phpphpMatch4.4.3

phpphpMatch4.4.4

phpphpMatch4.4.5

phpphpMatch4.4.6

phpphpMatch4.4.7

phpphpMatch4.4.8

phpphpMatch4.4.9

phpphpMatch5.0.0

phpphpMatch5.0.0beta1

phpphpMatch5.0.0beta2

phpphpMatch5.0.0beta3

phpphpMatch5.0.0beta4

phpphpMatch5.0.0rc1

phpphpMatch5.0.0rc2

phpphpMatch5.0.0rc3

phpphpMatch5.0.1

phpphpMatch5.0.2

phpphpMatch5.0.3

phpphpMatch5.0.4

phpphpMatch5.0.5

phpphpMatch5.1.0

phpphpMatch5.1.1

phpphpMatch5.1.2

phpphpMatch5.1.3

phpphpMatch5.1.4

phpphpMatch5.1.5

phpphpMatch5.1.6

phpphpMatch5.2.0

phpphpMatch5.2.1

phpphpMatch5.2.2

phpphpMatch5.2.3

phpphpMatch5.2.4

phpphpMatch5.2.4windows

phpphpMatch5.2.5

phpphpMatch5.2.6

phpphpMatch5.2.7

phpphpMatch5.2.8

phpphpMatch5.2.9

phpphpMatch5.2.10

phpphpMatch5.2.11

phpphpMatch5.2.12

phpphpMatch5.2.13

phpphpMatch5.2.14

phpphpMatch5.2.15

phpphpMatch5.2.16

phpphpMatch5.2.17

phpphpMatch5.3.0

phpphpMatch5.3.1

phpphpMatch5.3.2

phpphpMatch5.3.3

phpphpMatch5.3.4

VendorProductVersionCPE
phpphp*cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
phpphp1.0cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:*
phpphp2.0cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:*
phpphp2.0b10cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:*
phpphp3.0cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*
phpphp3.0.1cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*
phpphp3.0.2cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*
phpphp3.0.3cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*
phpphp3.0.4cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*
phpphp3.0.5cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
php	php	*	cpe:2.3:a:php:php::::::::
php	php	1.0	cpe:2.3:a:php:php:1.0:::::::*
php	php	2.0	cpe:2.3:a:php:php:2.0:::::::*
php	php	2.0b10	cpe:2.3:a:php:php:2.0b10:::::::*
php	php	3.0	cpe:2.3:a:php:php:3.0:::::::*
php	php	3.0.1	cpe:2.3:a:php:php:3.0.1:::::::*
php	php	3.0.2	cpe:2.3:a:php:php:3.0.2:::::::*
php	php	3.0.3	cpe:2.3:a:php:php:3.0.3:::::::*
php	php	3.0.4	cpe:2.3:a:php:php:3.0.4:::::::*
php	php	3.0.5	cpe:2.3:a:php:php:3.0.5:::::::*