Description

The exif_read_data function in the Exif module in PHP before 4.4.1 allows remote attackers to cause a denial of service (infinite loop) via a malformed JPEG image.

Remediation

References

CVE-2005-3353

Related Vulnerabilities

OpenSSL Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2009-1378)

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0287)

Joomla Incorrect Authorization Vulnerability (CVE-2021-26027)

Oracle JRE CVE-2023-21930 Vulnerability (CVE-2023-21930)

WordPress Plugin WP Discourse Unspecified Vulnerability (0.9.7)

Severity

Medium

Classification

CVE-2005-3353

Tags

Missing Update Known Vulnerabilities