14 matches found
EUVD-2020-18833
Malware in sbrugna...
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : Jhead vulnerabilities (USN-6098-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6098-1 advisory. It was discovered that Jhead did not properly handle certain crafted images while processing the JFIF markers. An attacker could...
SUSE CVE-2005-1043
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service memory consumption and crash via an EXIF header with a large IFD nesting level, which causes significant stack recursion...
Square: malicious file upload
i found my payload on exif header and it works link https://www.bookfresh.com/upload/75084df285f94f6790a250fe516fef04test.php.jpg...
php: integer overflow in exif_process_IFD_TAG() may lead to DoS or arbitrary memory disclosure
Integer overflow in the exifprocessIFDTAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offsetval value in an EXIF header in a JPEG file, a...
FreeBSD : php -- multiple vulnerabilities (d3921810-3c80-11e1-97e8-00215c6a37bb)
php development team reports : Security Enhancements and Fixes in PHP 5.3.9 : - Added maxinputvars directive to prevent attacks based on hash collisions. CVE-2011-4885 - Fixed bug 60150 Integer overflow during the parsing of invalid exif header. CVE-2011-4566 %NASLMINLEVEL 70300 C Tenable Network...
php -- multiple vulnerabilities
php development team reports: Security Enhancements and Fixes in PHP 5.3.9: Added maxinputvars directive to prevent attacks based on hash collisions. CVE-2011-4885 Fixed bug 60150 Integer overflow during the parsing of invalid exif header. CVE-2011-4566...
PHP EXIF Header DoS Vulnerability - Windows
PHP is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...
CVE-2011-4566
Integer overflow in the exifprocessIFDTAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offsetval value in an EXIF header in a JPEG file, a...
CVE-2011-4566
CVE-2011-4566 is an integer overflow in the exif extension (exif_process_IFD_TAG) of PHP, triggered on 32‑bit platforms by a crafted EXIF header in a JPEG. This allows remote attackers to read arbitrary memory or cause a denial of service. The CVE is acknowledged in multiple advisories (Debian, C...
CVE-2011-4566
Integer overflow in the exifprocessIFDTAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offsetval value in an EXIF header in a JPEG file, a...
security flaw
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service memory consumption and crash via an EXIF header with a large IFD nesting level, which causes significant stack recursion...
CVE-2005-1043
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service memory consumption and crash via an EXIF header with a large IFD nesting level, which causes significant stack recursion...
CVE-2005-1043
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service memory consumption and crash via an EXIF header with a large IFD nesting level, which causes significant stack recursion...