The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP prior to 5.5.35, 5.6.x prior to 5.6.21, and 7.x prior to 7.0.6 does not validate TIFF start data, which allows remote malicious users to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
Vulnerable Product |
---|
php php |
opensuse leap 42.1 |
opensuse opensuse 13.2 |
fedoraproject fedora 24 |
debian debian linux 8.0 |