Denial Of Service (DoS)

2020-04-1001:06:05

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

JSON

php is vulnerable to denial of service (DoS). The vulnerability exists as an integer overflow flaw was found in the PHP exif extension. On 32-bit systems, a specially-crafted image file could cause the PHP interpreter to crash or disclose portions of its memory when a PHP script tries to extract Exchangeable image file format (Exif) metadata from the image file.

CPENameOperatorVersion
phpeq5.1.6__5.el5
phpeq5.1.6__23.2.el5_3
phpeq5.1.6__12.el5
phpeq5.3.2__6.el6
phpeq5.1.6__24.el5_4.5
phpeq5.1.6__11.el5
phpeq5.1.6__20.el5
phpeq5.1.6__20.el5_2.1
phpeq5.1.6__15.el5
phpeq5.3.2__6.el6_0.1

Name	Operator	Version
php	eq	5.1.6__5.el5
php	eq	5.1.6__23.2.el5_3
php	eq	5.1.6__12.el5
php	eq	5.3.2__6.el6
php	eq	5.1.6__24.el5_4.5
php	eq	5.1.6__11.el5
php	eq	5.1.6__20.el5
php	eq	5.1.6__20.el5_2.1
php	eq	5.1.6__15.el5
php	eq	5.3.2__6.el6_0.1