Description
exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.
Remediation
References
Related Vulnerabilities
WordPress Plugin Slimstat Analytics Cross-Site Scripting (4.8)
WordPress Plugin WordPress Alipay/Tenpay/PayPal SQL Injection (3.7.2)
WordPress Plugin iThemes Security (formerly Better WP Security) Security Bypass (5.3.5)
WordPress Plugin Prevent files/folders access Cross-Site Request Forgery (1.1.1)