2 matches found
php: Information disclosure in exif_read_data()
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure o...
php: Out-of-bounds read in ext/exif/exif.c:exif_read_data() when reading crafted JPEG data
An out-of-bounds read has been found in PHP when function exifiifaddvalue handles the case of a MakerNote that lacks a final terminator character. A remote attacker could use this vulnerability to cause a crash...