CVE-2005-3353 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2005-3353
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-3353

Description: The exif_read_data function in the Exif module in PHP before 4.4.1 allows remote attackers to cause a denial of service (infinite loop) via a malformed JPEG image.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/24351 UBUNTU http://www.ubuntulinux.org/usn/usn-232-1/document_view TURBO http://www.turbolinux.com/security/2006/TLSA-2006-38.txt SUSE http://www.securityfocus.com/archive/1/archive/1/419504/100/0/threaded SREASON http://securityreason.com/securityalert/525 SAID Secunia Advisory: SA22713 Secunia Advisory: SA22691 Secunia Advisory: SA17557 Secunia Advisory: SA17531 Secunia Advisory: SA17490 Secunia Advisory: SA19064 Secunia Advisory: SA18054 Secunia Advisory: SA17371 Secunia Advisory: SA18198 REDHAT http://rhn.redhat.com/errata/RHSA-2005-831.html OPENPKG http://www.openpkg.org/security/OpenPKG-SA-2005.027-php.html MISC http://bugs.php.net/bug.php?id=34704 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2005:213 HP http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522 FEDORA http://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html DEBIAN http://www.debian.org/security/2006/dsa-1206 CONFIRM http://docs.info.apple.com/article.html?artnum=303382 http://www.php.net/ChangeLog-4.php#4.4.1 CERT http://www.us-cert.gov/cas/techalerts/TA06-062A.html BID 15358 16907 APPLE http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html

Return to the previous page.