php: Uninitialized read in exif_process_IFD_in_MAKERNOTE

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exifprocessIFDinMAKERNOTE because of mishandling the datalen variable...

PHP Uninitialized Read Vulnerability (CNVD-2019-24792)

PHP is a general-purpose open source scripting language. The syntax absorbs the characteristics of the C language , Java and Perl , easy to learn , widely used , mainly in the field of Web development . An uninitialized read vulnerability exists in exifprocessIFDinMAKERNOTE in the EXIF component ...

PHP Uninitialized Read Vulnerability (CNVD-2019-24791)

PHP is a general-purpose open source scripting language. The syntax absorbs the characteristics of the C language , Java and Perl , easy to learn , widely used , mainly in the field of Web development . An uninitialized read vulnerability exists in exifprocessIFDinMAKERNOTE in the EXIF component ...

LibRaw stack buffer overflow vulnerability (CNVD-2018-26473)

LibRaw is a C++ library developed by the LibRaw team for processing RAW CRW/CR2, NEF, RAF, DNG and others format images. A stack-based buffer overflow vulnerability exists in the 'parsemakernote' function of the dcrawcommon.cpp file in LibRaw version 0.19.1. An attacker can exploit this...

DEBIAN-CVE-2018-20337

There is a stack-based buffer overflow in the parsemakernote function of dcrawcommon.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact...

UBUNTU-CVE-2018-20337

There is a stack-based buffer overflow in the parsemakernote function of dcrawcommon.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact...

ALPINE-CVE-2018-14851

exifprocessIFDinMAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG file...

CVE-2018-14851

exifprocessIFDinMAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG file...

UBUNTU-CVE-2018-14851

exifprocessIFDinMAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG file...

CVE-2018-10549

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exifreaddata in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exifiifaddvalue mishandles the case of a MakerNote that lacks a final '\0' character...

CVE-2018-10549

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exifreaddata in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exifiifaddvalue mishandles the case of a MakerNote that lacks a final '\0' character...

CVE-2018-10549

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exifreaddata in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exifiifaddvalue mishandles the case of a MakerNote that lacks a final '\0' character...

CVE-2018-10549

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exifreaddata in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exifiifaddvalue mishandles the case of a MakerNote that lacks a final '\0' character...

UBUNTU-CVE-2016-6291

The exifprocessIFDinMAKERNOTE function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service out-of-bounds array access and memory corruption, obtain sensitive information from process memory, or possibly have...

Mambo Component zOOm Media Gallery <= 2.5 Beta 2 RFI Vulnerabilities

Exploit for unknown platform in category web applications ==================================================================== Mambo Component zOOm Media Gallery array , "getMakernoteTextValue" = array , "InterpretMakernotetoHTML" = array ; // Include the Main TIFF and EXIF Tags array...

Mambo Component zOOm Media Gallery 2.5 Beta 2 - Remote File Inclusion

iskorpitx@metlak from TURKEY comzoom file include / // Create the Makernote Parser and Interpreter Function Array $GLOBALS'MakernoteFunctionArray' = array "ReadMakernoteTag" = array , "getMakernoteTextValue" = array , "InterpretMakernotetoHTML" = array ; // Include the Main TIFF and EXIF Tags arr...