Description
Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP before 4.3.11 may allow remote attackers to execute arbitrary code via an IFD tag that leads to a negative byte count.
Remediation
References
Related Vulnerabilities
WordPress Plugin Pressbooks Textbook Cross-Site Scripting (1.2.5)
WordPress Plugin Sync to Etsy Marketplace from WooCommerce Cross-Site Request Forgery (3.3.1)
WordPress Plugin ZdStatistics Cross-Site Scripting (2.0.1)
Drupal Core 7.x Directory Traversal (7.0 - 7.81)
WordPress Plugin oQey Headers 'oqey_settings.php' SQL Injection (0.3)