CVE-2005-0524

Published: 02/05/2005 Updated: 03/05/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote malicious users to cause a denial of service (infinite loop) via a -8 size value.
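The failure mode in the summary, sketched as an added example (this is not PHP's image.c): a chunk walker that advances by the 8-byte chunk header plus the size field makes no progress when that field is -8, so the hardened walker below rejects negative sizes and bounds every step. The function name iff_dimensions, the simplified IFF layout (12-byte FORM header, BMHD chunk truncated to width and height) and the sample bytes are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed samples: 12-byte FORM header followed by a single chunk. */
static const uint8_t sample_ok[] = {
    'F','O','R','M', 0,0,0,16, 'I','L','B','M',
    'B','M','H','D', 0,0,0,4,  0x01,0x40, 0x00,0xC8 };  /* 320 x 200 */
static const uint8_t sample_neg[] = {
    'F','O','R','M', 0,0,0,16, 'I','L','B','M',
    'A','N','N','O', 0xFF,0xFF,0xFF,0xF8, 0,0,0,0 };    /* size field = -8 */

/* Chunk sizes are stored big-endian; read as signed to expose negatives. */
static int32_t be32(const uint8_t *p) {
    return (int32_t)(((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
                     ((uint32_t)p[2] << 8)  |  (uint32_t)p[3]);
}

/* Walk chunks until BMHD is found. Returns 0 and fills w/h on success,
 * -1 on malformed input. Every iteration moves off forward by >= 8. */
int iff_dimensions(const uint8_t *buf, size_t len, unsigned *w, unsigned *h) {
    if (len < 12 || memcmp(buf, "FORM", 4) != 0) return -1;
    size_t off = 12;
    while (len - off >= 8) {
        int32_t size = be32(buf + off + 4);
        /* A walker doing off += 8 + size stalls forever when size == -8.
         * Treat any negative size as a malformed file. */
        if (size < 0) return -1;
        size_t body = (size_t)size + ((size_t)size & 1);  /* pad to even */
        if (body > len - off - 8) return -1;              /* chunk overruns buffer */
        if (memcmp(buf + off, "BMHD", 4) == 0) {
            if (size < 4) return -1;
            *w = ((unsigned)buf[off + 8] << 8)  | buf[off + 9];
            *h = ((unsigned)buf[off + 10] << 8) | buf[off + 11];
            return 0;
        }
        off += 8 + body;
    }
    return -1;
}

int main(void) {
    unsigned w = 0, h = 0;
    int ok = iff_dimensions(sample_ok, sizeof sample_ok, &w, &h);
    printf("valid sample: rc=%d %ux%u\n", ok, w, h);
    printf("size -8 sample: rc=%d\n",
           iff_dimensions(sample_neg, sizeof sample_neg, &w, &h));
    return 0;
}
```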

Vulnerable Product

php php 4.2.2

php php 4.3.10

php php 4.3.9

php php 5.0.3

Vendor Advisories

Two Denial of Service vulnerabilities have been discovered in the getimagesize() function. getimagesize() uses format-specific internal functions php_handle_iff() and php_handle_jpeg(), which get stuck in infinite loops when certain (invalid) size parameters are read from the image. In web applications that allow users to upload arbitrary image file ...
Synopsis: PHP security update. Type/Severity: Security Advisory: Moderate. Topic: Updated PHP packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Description: PHP is an HTML-embedded script ...