Published: 02/05/2005 Updated: 30/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP prior to 4.3.11 may allow remote malicious users to execute arbitrary code via an IFD tag that leads to a negative byte count.

Vulnerable Product	Search on Vulmon	Subscribe to Product
php php 4.3.4
php php 4.3.5
php php 4.3.2
php php 4.3.3
php php 4.3.1
php php 4.3.10
php php 4.3.8
php php 4.3.9
php php 4.3.0
php php 4.3.6
php php 4.3.7

An integer overflow was discovered in the exif_process_IFD_TAG() function in PHP4’s EXIF module EXIF tags with a specially crafted “Image File Directory” (IFD) tag caused a buffer overflow which could have been exploited to execute arbitrary code with the privileges of the PHP4 server (CAN-2005-1042) ...

Synopsis PHP security update Type/Severity Security Advisory: Moderate Topic Updated PHP packages that fix various security issues are now availableThis update has been rated as having moderate security impact by the RedHat Security Response Team Description PHP is an HTML-embedded script ...

NVD-CWE-Other http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.33&r2=1.118.2.34&ty=u https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154021 http://www.gentoo.org/security/en/glsa/glsa-200504-15.xml http://www.redhat.com/support/errata/RHSA-2005-405.html http://www.redhat.com/support/errata/RHSA-2005-406.html http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html http://www.mandriva.com/security/advisories?name=MDKSA-2005:072 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10822 https://usn.ubuntu.com/112-1/https://usn.ubuntu.com/112-1/https://nvd.nist.gov

CVE-2005-1042

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect