Lucene search
UbuntuUSN-1307-1HistoryDec 14, 2011 - 12:00 a.m.
PHP vulnerability
2011-12-1400:00:00
ubuntu.com
34
6.3 Medium
AI Score
Confidence
Low
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.882 High
EPSS
Percentile
98.6%
Releases
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04
- Ubuntu 8.04
Packages
- php5 - HTML-embedded scripting language interpreter
Details
Florent Hochwelker discovered that PHP incorrectly handled certain EXIF
headers in JPEG files. A remote attacker could exploit this issue to
view sensitive information or cause the PHP server to crash.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 8.04 | noarch | php5-cli | <Β 5.2.4-2ubuntu5.19 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libapache2-mod-php5 | <Β 5.2.4-2ubuntu5.19 | UNKNOWN |
| Ubuntu | 8.04 | noarch | php5-cgi | <Β 5.2.4-2ubuntu5.19 | UNKNOWN |
| Ubuntu | 8.04 | noarch | php5-common | <Β 5.2.4-2ubuntu5.19 | UNKNOWN |
| Ubuntu | 8.04 | noarch | php5-curl | <Β 5.2.4-2ubuntu5.19 | UNKNOWN |
| Ubuntu | 8.04 | noarch | php5-dev | <Β 5.2.4-2ubuntu5.19 | UNKNOWN |
| Ubuntu | 8.04 | noarch | php5-gd | <Β 5.2.4-2ubuntu5.19 | UNKNOWN |
| Ubuntu | 8.04 | noarch | php5-gmp | <Β 5.2.4-2ubuntu5.19 | UNKNOWN |
| Ubuntu | 8.04 | noarch | php5-ldap | <Β 5.2.4-2ubuntu5.19 | UNKNOWN |
| Ubuntu | 8.04 | noarch | php5-mhash | <Β 5.2.4-2ubuntu5.19 | UNKNOWN |
References
Related
seebug
seebug
PHP "exif_process_IFD_TAG()"θΏη¨ζ΄ζ°ζΊ’εΊζΌζ΄
2011-12-07 00:00:00
openvas
openvas
Ubuntu Update for php5 USN-1307-1
2011-12-16 00:00:00
PHP EXIF Header Denial of Service Vulnerability (Windows)
2011-12-01 00:00:00
Ubuntu Update for php5 USN-1307-1
2011-12-16 00:00:00
checkpoint_advisories
checkpoint_advisories
PHP Exif Header Parsing Integer Overflow (CVE-2011-4566)
2012-08-27 00:00:00
PHP Exif Header Parsing Integer Overflow - Ver2 (CVE-2011-4566)
2015-03-26 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:06:05
nessus
nessus
Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : php5 vulnerability (USN-1307-1)
2011-12-15 00:00:00
CentOS 5 / 6 : php / php53 (CESA-2012:0019)
2012-01-12 00:00:00
RHEL 5 / 6 : php53 and php (RHSA-2012:0019)
2012-01-12 00:00:00
freebsd
freebsd
php -- multiple vulnerabilities
2011-12-29 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: php-eaccelerator-0.9.6.1-9.fc16.1
2012-01-19 22:00:25
[SECURITY] Fedora 16 Update: maniadrive-1.2-32.fc16.1
2012-01-19 22:00:25
[SECURITY] Fedora 16 Update: php-5.3.9-1.fc16
2012-01-19 22:00:25
cve
cve
CVE-2011-4566
2011-11-29 00:55:00
amazon
amazon
Medium: php
2012-01-19 20:10:00
oraclelinux
oraclelinux
php53 and php security update
2012-01-11 00:00:00
php security update
2012-01-30 00:00:00
php security update
2012-01-18 00:00:00
redhat
redhat
(RHSA-2012:0019) Moderate: php53 and php security update
2012-01-11 00:00:00
(RHSA-2012:0071) Moderate: php security update
2012-01-30 00:00:00
(RHSA-2012:0033) Moderate: php security update
2012-01-18 00:00:00
ubuntucve
ubuntucve
CVE-2011-4566
2011-11-28 00:00:00
prion
prion
Integer overflow
2011-11-29 00:55:00
centos
centos
php, php53 security update
2012-01-11 19:19:36
php security update
2012-01-30 20:44:11
php security update
2012-01-18 19:55:58
securityvulns
securityvulns
PHP security vulnerabilities
2012-02-08 00:00:00
[ MDVSA-2012:071 ] php
2012-05-14 00:00:00
Apple Mac OS X multiple security vulnerabilities
2012-08-20 00:00:00
debian
debian
[SECURITY] [DSA 2399-2] php5 regression fix
2012-01-31 15:26:47
[SECURITY] [DSA 2399-1] php5 security update
2012-01-31 07:22:58
osv
osv
php5 - several
2012-01-31 00:00:00
suse
suse
update for php5 (important)
2012-03-29 15:08:14
Security update for PHP5 (important)
2012-04-12 23:08:15
Security update for PHP5 (important)
2013-08-16 21:04:11
f5
f5
K13519 : Multiple PHP vulnerabilities
2013-09-20 00:00:00
SOL13519 - Multiple PHP vulnerabilities
2012-04-04 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2012-09-24 00:00:00
6.3 Medium
AI Score
Confidence
Low
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.882 High
EPSS
Percentile
98.6%
Related for USN-1307-1