CVE-2005-3353 Information
Share on:Description
The exif_read_data function in the Exif module in PHP before 4.4.1 allows remote attackers to cause a denial of service (infinite loop) via a malformed JPEG image.
Reference
http://bugs.php.net/bug.php?id=34704 http://docs.info.apple.com/article.html?artnum=303382 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522 http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html http://rhn.redhat.com/errata/RHSA-2005-831.html http://secunia.com/advisories/17371 http://secunia.com/advisories/17490 http://secunia.com/advisories/17531 http://secunia.com/advisories/17557 http://secunia.com/advisories/18054 http://secunia.com/advisories/18198 http://secunia.com/advisories/19064 http://secunia.com/advisories/22691 http://secunia.com/advisories/22713 http://securityreason.com/securityalert/525 http://www.debian.org/security/2006/dsa-1206 http://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html http://www.mandriva.com/security/advisories?name=MDKSA-2005:213 http://www.openpkg.org/security/OpenPKG-SA-2005.027-php.html http://www.php.net/ChangeLog-4.php4.4.1 http://www.securityfocus.com/archive/1/419504/100/0/threaded http://www.securityfocus.com/bid/15358 http://www.securityfocus.com/bid/16907 http://www.turbolinux.com/security/2006/TLSA-2006-38.txt http://www.us-cert.gov/cas/techalerts/TA06-062A.html http://www.vupen.com/english/advisories/2006/0791 http://www.vupen.com/english/advisories/2006/4320 https://exchange.xforce.ibmcloud.com/vulnerabilities/24351 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A11032 https://www.ubuntu.com/usn/usn-232-1/