Lucene search

K
ubuntucveUbuntu.comUB:CVE-2011-4566
HistoryNov 28, 2011 - 12:00 a.m.

CVE-2011-4566

2011-11-2800:00:00
ubuntu.com
ubuntu.com
27

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

EPSS

0.882

Percentile

98.7%

Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif
extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to
read the contents of arbitrary memory locations or cause a denial of
service via a crafted offset_val value in an EXIF header in a JPEG file, a
different vulnerability than CVE-2011-0708.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchphp5<Β 5.2.4-2ubuntu5.19UNKNOWN
ubuntu10.04noarchphp5<Β 5.3.2-1ubuntu4.11UNKNOWN
ubuntu10.10noarchphp5<Β 5.3.3-1ubuntu9.7UNKNOWN
ubuntu11.04noarchphp5<Β 5.3.5-1ubuntu7.4UNKNOWN
ubuntu11.10noarchphp5<Β 5.3.6-13ubuntu3.3UNKNOWN

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

EPSS

0.882

Percentile

98.7%