← Volver a CVEs
CVE-2011-0708
N/ADescripcion
exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado3/20/2011
Ultima modificacion4/29/2026
Fuentenvd
Avistamientos honeypot0
Productos afectados
php:php
Debilidades (CWE)
CWE-119
Referencias
http://bugs.php.net/bug.php?id=54002(secalert@redhat.com)
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html(secalert@redhat.com)
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html(secalert@redhat.com)
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html(secalert@redhat.com)
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html(secalert@redhat.com)
http://marc.info/?l=bugtraq&m=133469208622507&w=2(secalert@redhat.com)
http://openwall.com/lists/oss-security/2011/02/14/1(secalert@redhat.com)
http://openwall.com/lists/oss-security/2011/02/16/7(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2012-0071.html(secalert@redhat.com)
http://securityreason.com/securityalert/8114(secalert@redhat.com)
http://support.apple.com/kb/HT5002(secalert@redhat.com)
http://svn.php.net/viewvc?view=revision&revision=308316(secalert@redhat.com)
http://www.debian.org/security/2011/dsa-2266(secalert@redhat.com)
http://www.exploit-db.com/exploits/16261/(secalert@redhat.com)
http://www.mandriva.com/security/advisories?name=MDVSA-2011:052(secalert@redhat.com)
http://www.mandriva.com/security/advisories?name=MDVSA-2011:053(secalert@redhat.com)
http://www.php.net/ChangeLog-5.php(secalert@redhat.com)
http://www.php.net/archive/2011.php(secalert@redhat.com)
http://www.php.net/releases/5_3_6.php(secalert@redhat.com)
http://www.redhat.com/support/errata/RHSA-2011-1423.html(secalert@redhat.com)
http://www.securityfocus.com/bid/46365(secalert@redhat.com)
http://www.vupen.com/english/advisories/2011/0744(secalert@redhat.com)
http://www.vupen.com/english/advisories/2011/0764(secalert@redhat.com)
http://www.vupen.com/english/advisories/2011/0890(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=680972(secalert@redhat.com)
http://bugs.php.net/bug.php?id=54002(af854a3a-2127-422b-91ae-364da2661108)
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html(af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=133469208622507&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://openwall.com/lists/oss-security/2011/02/14/1(af854a3a-2127-422b-91ae-364da2661108)
http://openwall.com/lists/oss-security/2011/02/16/7(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2012-0071.html(af854a3a-2127-422b-91ae-364da2661108)
http://securityreason.com/securityalert/8114(af854a3a-2127-422b-91ae-364da2661108)
http://support.apple.com/kb/HT5002(af854a3a-2127-422b-91ae-364da2661108)
http://svn.php.net/viewvc?view=revision&revision=308316(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2011/dsa-2266(af854a3a-2127-422b-91ae-364da2661108)
http://www.exploit-db.com/exploits/16261/(af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2011:052(af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2011:053(af854a3a-2127-422b-91ae-364da2661108)
http://www.php.net/ChangeLog-5.php(af854a3a-2127-422b-91ae-364da2661108)
http://www.php.net/archive/2011.php(af854a3a-2127-422b-91ae-364da2661108)
http://www.php.net/releases/5_3_6.php(af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2011-1423.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/46365(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2011/0744(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2011/0764(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2011/0890(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=680972(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.