CVE-2005-1043
published 2005-04-14CVE-2005-1043: exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting…
PriorityP419medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
1.93%
77.4th percentile
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
Affected
49 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | mac_os_x | — | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x_server | — | — |
| apple | mac_os_x_server | — | — |
| apple | mac_os_x_server | — | — |
| conectiva | linux | — | — |
| conectiva | linux | — | — |
| peachtree | peachtree_linux | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| sgi | propack | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-q2c2-w3x6-jhjj: exif
ghsa_unreviewed·2022-05-01
CVE-2005-1043 [MEDIUM] GHSA-q2c2-w3x6-jhjj: exif
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
Ubuntu
PHP4 vulnerabilities
vendor_ubuntu·2005-04-14
CVE-2005-1042 PHP4 vulnerabilities
Title: PHP4 vulnerabilities
Summary: PHP4 vulnerabilities
An integer overflow was discovered in the exif_process_IFD_TAG()
function in PHP4's EXIF module. EXIF tags with a specially crafted
"Image File Directory" (IFD) tag caused a buffer overflow which could
have been exploited to execute arbitrary code with the privileges of
the PHP4 server. (CAN-2005-1042)
The same module also contained a Denial of Service vulnerability. EXIF
headers with a large IFD nesting level caused an unbound recursion
which would eventually overflow the stack and cause the executed
program to crash. (CAN-2005-1043)
In web applications that automatically process EXIF tags of uploaded
images, both vulnerabilities could be exploited remotely.
Instructions: In general, a standard system update will make all the
Red Hat
security flaw
vendor_redhat·2005-03-31·CVSS 5.0
CVE-2005-1043 [MEDIUM] security flaw
security flaw
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
No detection rules found.
No public exploits indexed.
http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.29&r2=1.118.2.30&ty=uhttp://lists.apple.com/archives/security-announce/2005/Jun/msg00000.htmlhttp://www.gentoo.org/security/en/glsa/glsa-200504-15.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:072http://www.redhat.com/support/errata/RHSA-2005-406.htmlhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154025https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10307https://usn.ubuntu.com/112-1/http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.29&r2=1.118.2.30&ty=uhttp://lists.apple.com/archives/security-announce/2005/Jun/msg00000.htmlhttp://www.gentoo.org/security/en/glsa/glsa-200504-15.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:072http://www.redhat.com/support/errata/RHSA-2005-406.htmlhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154025https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10307https://usn.ubuntu.com/112-1/
2005-04-14
Published