PHP Exif Extension 'exif_read_data()' Function Remote DoS - [CVE: 2011-0708]

2011-02-28 21:15:06

Source: http://www.securityfocus.com/bid/46365/info

PHP is prone to a denial-of-service vulnerability that affects the Exif extension.

Successfully exploiting this vulnerability allows remote attackers to cause denial-of-service conditions in the context of an application using the vulnerable extension.

NOTE: this issue affects only 64-bit platforms.

PHP 5.3.5 and prior versions are vulnerable.

PoC: http://www.exploit-db.com/sploits/16261.zip

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.