Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3353

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-3353
Last Modified 07 Mar 2011 09:26:24
Published 18 Nov 2005 06:03:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3353

Summary

The exif_read_data function in the Exif module in PHP before 4.4.1 allows remote attackers to cause a denial of service (infinite loop) via a malformed JPEG image.

Vulnerable Systems

Application

  • Php 4.0.0

  • Php 4.0.1

  • Php 4.0.2

  • Php 4.0.3

  • Php 4.0.4

  • Php 4.0.5

  • Php 4.0.6

  • Php 4.1.0

  • Php 4.1.1

  • Php 4.1.2

  • Php 4.2.0

  • Php 4.2.1

  • Php 4.2.2

  • Php 4.2.3

  • Php 4.3

  • Php 4.3.1

  • Php 4.3.10

  • Php 4.3.11

  • Php 4.3.2

  • Php 4.3.3

  • Php 4.3.4

  • Php 4.3.5

  • Php 4.3.6

  • Php 4.3.7

  • Php 4.3.8

  • Php 4.3.9

  • Php 4.4.0


References

CERT - TA06-062A

MISC - http://bugs.php.net/bug.php?id=34704

VUPEN - ADV-2006-4320

VUPEN - ADV-2006-0791

UBUNTU - USN-232-1

BID - 15358

SUSE - SUSE-SA:2005:069

CONFIRM - http://www.php.net/ChangeLog-4.php#4.4.1

OPENPKG - OpenPKG-SA-2005.027

FEDORA - FLSA:166943

SECUNIA - 18198

SECUNIA - 18054

SECUNIA - 17371

REDHAT - RHSA-2005:831

HP - HPSBMA02159

XF - php-exif-dos(24351)

TURBO - TLSA-2006-38

BID - 16907

MANDRIVA - MDKSA-2005:213

DEBIAN - DSA-1206

SREASON - 525

SECUNIA - 22713

SECUNIA - 22691

SECUNIA - 19064

SECUNIA - 17557

SECUNIA - 17531

SECUNIA - 17490

APPLE - APPLE-SA-2006-03-01

CONFIRM - http://docs.info.apple.com/article.html?artnum=303382

HP - SSRT061238


Last Updated: 27 May 2016 10:40:45