Описание
exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 5.1.2-1ubuntu3.22 |
| devel | not-affected | 5.3.5-1ubuntu7.2 |
| hardy | released | 5.2.4-2ubuntu5.15 |
| karmic | released | 5.2.10.dfsg.1-2ubuntu6.9 |
| lucid | released | 5.3.2-1ubuntu4.8 |
| maverick | released | 5.3.3-1ubuntu9.4 |
| natty | released | 5.3.5-1ubuntu7.1 |
| upstream | released | 5.3.6 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.
exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.
exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms p ...
exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.
Уязвимость расширения Exif интерпретатора языка программирования PHP, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
4.3 Medium
CVSS2