FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

php -- crash on crafted tag in exif

Affected packages
php5-exif < 5.3.6

Details

VuXML ID: cc3bfec6-56cd-11e0-9668-001fd0d616cf
Discovery: 2011-03-20
Entry: 2011-03-25

US-CERT/NIST reports:

exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.

References

CVE Name: CVE-2011-0708