Description
The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a -8 size value.
Remediation
References
Related Vulnerabilities
Apache 2.x version older than 2.2.8
WordPress Plugin Simple Download Monitor Multiple Vulnerabilities (3.2.8)
WordPress Plugin RestroPress-Online Food Ordering System Cross-Site Request Forgery (2.8.2)
WordPress Plugin Gallery Master-Responsive Photo Galleries & Albums Cross-Site Scripting (1.0.22)
WordPress Plugin Rent-A-Car TimThumb Arbitrary File Upload (1.0)