Description
The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
Remediation
References
Related Vulnerabilities
MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9410)
WordPress Plugin Image News slider 'upload.php' Arbitrary File Upload (3.3)
Oracle JRE CVE-2013-5843 Vulnerability (CVE-2013-5843)
Werkzeug WSGI Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-49767)
SharePoint Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-1103)