User: Password:
Subscribe / Log in / New account

php4: integer overflow and denial of service

Package(s):php4 CVE #(s):CAN-2005-1042 CAN-2005-1043
Created:April 14, 2005 Updated:July 13, 2005
Description: The php4 EXIF module has two vulnerabilities. An integer overflow in the exif_process_IFD_TAG() function can be exploited to cause a buffer overflow for the purpose of arbitrary code execution. EXIF headers with a large IFD nesting level can be used to cause a denial of service. Remote exploits are possible.
Fedora-Legacy FLSA:155505 php 2005-07-10
Red Hat RHSA-2005:406-01 PHP 2005-05-04
Red Hat RHSA-2005:405-01 PHP 2005-04-28
Mandriva MDKSA-2005:072 php 2005-04-18
Ubuntu USN-112-1 php4 2005-04-14

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds