[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249966

 
 

909

 
 

195636

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2005-1043Date: (C)2005-04-14   (M)2023-12-22


exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
APPLE-SA-2005-06-08
GLSA-200504-15
MDKSA-2005:072
RHSA-2005:406
USN-112-1
http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.29&r2=1.118.2.30&ty=u
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154025
oval:org.mitre.oval:def:10307

CPE    50
cpe:/o:apple:mac_os_x_server:10.3.9
cpe:/o:conectiva:linux:9.0
cpe:/o:suse:suse_linux:9.2
cpe:/o:suse:suse_linux:9.3
...

© SecPod Technologies