CVE-2004-1065
published 2005-01-10CVE-2004-1065: Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long…
PriorityP335critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
10.04%
95.0th percentile
Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.
Affected
56 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| openpkg | openpkg | — | — |
| openpkg | openpkg | — | — |
| openpkg | openpkg | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat10.0CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
PHP vulnerabilities
vendor_ubuntu·2004-12-17
CVE-2004-1019 PHP vulnerabilities
Title: PHP vulnerabilities
Summary: PHP vulnerabilities
Stefan Esser reported several buffer overflows in PHP's variable unserializing
handling. These could allow an attacker to execute arbitrary code on the server
with the PHP interpreter's privileges by sending specially crafted input
strings (form data, cookie values, and similar).
Additionally, Ilia Alshanetsky discovered a buffer overflow in the
exif_read_data() function. Attackers could execute arbitrary code on the server
by sending a JPEG image with a very long "sectionname" value to PHP
applications that support image uploads.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
security flaw
vendor_redhat·2004-12-15·CVSS 10.0
CVE-2004-1065 [CRITICAL] security flaw
security flaw
Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.
GHSA
GHSA-vhmx-6whg-m8hv: Buffer overflow in the exif_read_data function in PHP before 4
ghsa_unreviewed·2022-04-29
CVE-2004-1065 [HIGH] GHSA-vhmx-6whg-m8hv: Buffer overflow in the exif_read_data function in PHP before 4
Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.
No detection rules found.
No public exploits indexed.
http://msgs.securepoint.com/cgi-bin/get/bugtraq0412/157.htmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2004:151http://www.novell.com/linux/security/advisories/2005_02_php4_mod_php4.htmlhttp://www.php.net/release_4_3_10.phphttp://www.redhat.com/support/errata/RHSA-2004-687.htmlhttp://www.redhat.com/support/errata/RHSA-2005-032.htmlhttp://www.securityfocus.com/advisories/9028https://bugzilla.fedora.us/show_bug.cgi?id=2344https://exchange.xforce.ibmcloud.com/vulnerabilities/18517https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10877http://msgs.securepoint.com/cgi-bin/get/bugtraq0412/157.htmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2004:151http://www.novell.com/linux/security/advisories/2005_02_php4_mod_php4.htmlhttp://www.php.net/release_4_3_10.phphttp://www.redhat.com/support/errata/RHSA-2004-687.htmlhttp://www.redhat.com/support/errata/RHSA-2005-032.htmlhttp://www.securityfocus.com/advisories/9028https://bugzilla.fedora.us/show_bug.cgi?id=2344https://exchange.xforce.ibmcloud.com/vulnerabilities/18517https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10877
2005-01-10
Published