Description

Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in a JPEG file, a different vulnerability than CVE-2011-0708.

Remediation

References

CVE-2011-4566

Related Vulnerabilities

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32669)

WordPress Plugin Event List SQL Injection (0.7.8)

Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-9490)

Apache Tomcat Improper Input Validation Vulnerability (CVE-2016-6816)

WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.3)

Severity

Medium

Classification

CVE-2011-4566

Tags

Missing Update Known Vulnerabilities