EUVD-2009-1498

Malware in sbrugna...

SUSE CVE-2005-3353

The exifreaddata function in the Exif module in PHP before 4.4.1 allows remote attackers to cause a denial of service infinite loop via a malformed JPEG image...

SUSE CVE-2009-2687

The exifreaddata function in the Exif module in PHP before 5.2.10 allows remote attackers to cause a denial of service crash via a malformed JPEG image with invalid offset fields, a different issue than CVE-2005-3353...

Debian DLA-2050-1 : php5 security update

Several security bugs have been identified and fixed in php5, a server-side, HTML-embedded scripting language. The affected components include the exif module and handling of filenames with \0 embedded. For Debian 8 'Jessie', these problems have been fixed in version 5.6.40+dfsg-0+deb8u8. We...

Debian DSA-4353-1 : php7.0 - security update

Multiple security issues were found in PHP, a widely-used open source general purpose scripting language: The EXIF module was susceptible to denial of service/information disclosure when parsing malformed images, the Apache module allowed cross-site-scripting via the body of a 'Transfer-Encoding:...

CVE-2018-14851

exifprocessIFDinMAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG file...

PHP Exif_Process_User_Comment Null Pointer Dereference (CVE-2016-6292)

A denial of service vulnerability exists in the Exif module of PHP. The vulnerability is due to a null pointer dereference in exifprocessusercomment when trying to handle JIS encoded user comment Exif tags when multi-byte string support is enabled in PHP. A remote, unauthenticated attacker can...

Debian Security Advisory DSA 2266-1 (php5)

The remote host is missing an update to php5 announced via advisory DSA 2266-1. OpenVAS Vulnerability Test $Id: deb22661.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2266-1 php5 Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

Debian DSA-2266-1 : php5 - several vulnerabilities

Several vulnerabilities were discovered in PHP, which could lead to denial of service or potentially the execution of arbitrary code. - CVE-2010-2531 An information leak was found in the varexport function. - CVE-2011-0421 The Zip module could crash. - CVE-2011-0708 An integer overflow was...

[SECURITY] [DSA 2266-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2266-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 29, 2011 http://www.debian.org/security/faq -...

DSA-2266-1 php5 - several

Bulletin has no description...

SuSE 10 Security Update : PHP5 (ZYPP Patch Number 6536)

Multiple issues have been fixed in php5 : - phpopensslapplyverificationpolicy fails to verify certificate. CVE-2009-3291 - 'missing sainity checks around exif'. CVE-2009-3292 - unspecified vulnerability in the imagecolortransparent. CVE-2009-3293 - denial of service in exif module CVE-2009-2687...

Debian DSA-1940-1 : php5 - multiple issues

Several remote vulnerabilities have been discovered in the PHP 5 hypertext preprocessor. The Common Vulnerabilities and Exposures project identifies the following problems : The following issues have been fixed in both the stable lenny and the oldstable etch distributions : - CVE-2009-2687...

Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : php5 vulnerabilities (USN-862-1)

Maksymilian Arciemowicz discovered that PHP did not properly validate arguments to the dbareplace function. If a script passed untrusted input to the dbareplace function, an attacker could truncate the database. This issue only applied to Ubuntu 6.06 LTS, 8.04 LTS, and 8.10. CVE-2008-7068 It was...

[SECURITY] [DSA-1940-1] New php5 packages fix several issues

------------------------------------------------------------------------ Debian Security Advisory DSA-1940-1 [email protected] http://www.debian.org/security/ Stefan Fritsch November 25, 2009 http://www.debian.org/security/faq -...

DSA-1940-1 php5 - multiple issues

Bulletin has no description...

openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-1334)

Multiple issues have been fixed in php5 : - phpopensslapplyverificationpolicy fails to verify certificate CVE-2009-3291 - 'missing sainity checks around exif' CVE-2009-3292 - unspecified vulnerability in the imagecolortransparent CVE-2009-3293 - denial of service in exif module CVE-2009-2687...

php: exif_read_data crash on corrupted JPEG files

The exifreaddata function in the Exif module in PHP before 5.2.10 allows remote attackers to cause a denial of service crash via a malformed JPEG image with invalid offset fields, a different issue than CVE-2005-3353...

Ubuntu USN-824-1 (php5)

The remote host is missing an update to php5 announced via advisory USN-824-1. OpenVAS Vulnerability Test $Id: ubuntu8241.nasl 8616 2018-02-01 08:24:13Z cfischer $ $Id: ubuntu8241.nasl 8616 2018-02-01 08:24:13Z cfischer $ Description: Auto-generated from advisory USN-824-1 php5 Authors: Thomas...

CVE-2009-2687

The exifreaddata function in the Exif module in PHP before 5.2.10 allows remote attackers to cause a denial of service crash via a malformed JPEG image with invalid offset fields, a different issue than CVE-2005-3353...