Description
The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a -8 size value.
Remediation
References
Related Vulnerabilities
WordPress Plugin Import and export users and customers Cross-Site Scripting (1.12)
Drupal Core 8.x.x Cross-Site Scripting (8.0.0 - 8.4.8)
WordPress Plugin YITH WooCommerce Ajax Search Unspecified Vulnerability (1.2.7)
Oracle JRE CVE-2022-21277 Vulnerability (CVE-2022-21277)
Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-36396)