CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
EPSS
Percentile
98.7%
Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif
extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to
read the contents of arbitrary memory locations or cause a denial of
service via a crafted offset_val value in an EXIF header in a JPEG file, a
different vulnerability than CVE-2011-0708.