CVE-2011-0708
Published: 19 March 2011
exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.
Priority
Status
Package | Release | Status |
---|---|---|
php5 Launchpad, Ubuntu, Debian |
Upstream |
Released
(5.3.6)
|
Patches: Upstream: http://svn.php.net/viewvc?view=revision&revision=308316 |