ID |
CVE-2011-4566
|
Summary |
Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in a JPEG file, a different vulnerability than CVE-2011-0708. Per: https://bugs.php.net/bug.php?id=60150
'The bug is only present in 32 bits version.' |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 6.4 (as of 29-08-2017 - 01:30) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-189 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
NONE |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:N/A:P
|
redhat
via4
|
advisories | | rpms | - php-0:5.3.3-3.el6_2.5
- php-bcmath-0:5.3.3-3.el6_2.5
- php-cli-0:5.3.3-3.el6_2.5
- php-common-0:5.3.3-3.el6_2.5
- php-dba-0:5.3.3-3.el6_2.5
- php-debuginfo-0:5.3.3-3.el6_2.5
- php-devel-0:5.3.3-3.el6_2.5
- php-embedded-0:5.3.3-3.el6_2.5
- php-enchant-0:5.3.3-3.el6_2.5
- php-gd-0:5.3.3-3.el6_2.5
- php-imap-0:5.3.3-3.el6_2.5
- php-intl-0:5.3.3-3.el6_2.5
- php-ldap-0:5.3.3-3.el6_2.5
- php-mbstring-0:5.3.3-3.el6_2.5
- php-mysql-0:5.3.3-3.el6_2.5
- php-odbc-0:5.3.3-3.el6_2.5
- php-pdo-0:5.3.3-3.el6_2.5
- php-pgsql-0:5.3.3-3.el6_2.5
- php-process-0:5.3.3-3.el6_2.5
- php-pspell-0:5.3.3-3.el6_2.5
- php-recode-0:5.3.3-3.el6_2.5
- php-snmp-0:5.3.3-3.el6_2.5
- php-soap-0:5.3.3-3.el6_2.5
- php-tidy-0:5.3.3-3.el6_2.5
- php-xml-0:5.3.3-3.el6_2.5
- php-xmlrpc-0:5.3.3-3.el6_2.5
- php-zts-0:5.3.3-3.el6_2.5
- php53-0:5.3.3-1.el5_7.5
- php53-bcmath-0:5.3.3-1.el5_7.5
- php53-cli-0:5.3.3-1.el5_7.5
- php53-common-0:5.3.3-1.el5_7.5
- php53-dba-0:5.3.3-1.el5_7.5
- php53-debuginfo-0:5.3.3-1.el5_7.5
- php53-devel-0:5.3.3-1.el5_7.5
- php53-gd-0:5.3.3-1.el5_7.5
- php53-imap-0:5.3.3-1.el5_7.5
- php53-intl-0:5.3.3-1.el5_7.5
- php53-ldap-0:5.3.3-1.el5_7.5
- php53-mbstring-0:5.3.3-1.el5_7.5
- php53-mysql-0:5.3.3-1.el5_7.5
- php53-odbc-0:5.3.3-1.el5_7.5
- php53-pdo-0:5.3.3-1.el5_7.5
- php53-pgsql-0:5.3.3-1.el5_7.5
- php53-process-0:5.3.3-1.el5_7.5
- php53-pspell-0:5.3.3-1.el5_7.5
- php53-snmp-0:5.3.3-1.el5_7.5
- php53-soap-0:5.3.3-1.el5_7.5
- php53-xml-0:5.3.3-1.el5_7.5
- php53-xmlrpc-0:5.3.3-1.el5_7.5
- php-0:5.1.6-27.el5_7.4
- php-bcmath-0:5.1.6-27.el5_7.4
- php-cli-0:5.1.6-27.el5_7.4
- php-common-0:5.1.6-27.el5_7.4
- php-dba-0:5.1.6-27.el5_7.4
- php-debuginfo-0:5.1.6-27.el5_7.4
- php-devel-0:5.1.6-27.el5_7.4
- php-gd-0:5.1.6-27.el5_7.4
- php-imap-0:5.1.6-27.el5_7.4
- php-ldap-0:5.1.6-27.el5_7.4
- php-mbstring-0:5.1.6-27.el5_7.4
- php-mysql-0:5.1.6-27.el5_7.4
- php-ncurses-0:5.1.6-27.el5_7.4
- php-odbc-0:5.1.6-27.el5_7.4
- php-pdo-0:5.1.6-27.el5_7.4
- php-pgsql-0:5.1.6-27.el5_7.4
- php-snmp-0:5.1.6-27.el5_7.4
- php-soap-0:5.1.6-27.el5_7.4
- php-xml-0:5.1.6-27.el5_7.4
- php-xmlrpc-0:5.1.6-27.el5_7.4
- php-0:4.3.9-3.35
- php-debuginfo-0:4.3.9-3.35
- php-devel-0:4.3.9-3.35
- php-domxml-0:4.3.9-3.35
- php-gd-0:4.3.9-3.35
- php-imap-0:4.3.9-3.35
- php-ldap-0:4.3.9-3.35
- php-mbstring-0:4.3.9-3.35
- php-mysql-0:4.3.9-3.35
- php-ncurses-0:4.3.9-3.35
- php-odbc-0:4.3.9-3.35
- php-pear-0:4.3.9-3.35
- php-pgsql-0:4.3.9-3.35
- php-snmp-0:4.3.9-3.35
- php-xmlrpc-0:4.3.9-3.35
|
|
refmap
via4
|
apple | APPLE-SA-2012-05-09-1 | bid | 50907 | confirm | | debian | DSA-2399 | mandriva | MDVSA-2011:197 | secunia | | suse | openSUSE-SU-2012:0426 | ubuntu | USN-1307-1 | xf | php-exifprocessifdtag-dos(71612) |
|
Last major update |
29-08-2017 - 01:30 |
Published |
29-11-2011 - 00:55 |
Last modified |
29-08-2017 - 01:30 |