CVE-2014-3670 in PHPinformação

Sumário

de MITRE

The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted JPEG image with TIFF thumbnail data that is improperly handled by the exif_thumbnail function.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservar

14/05/2014

Divulgação

29/10/2014

Moderação

aceite

Entrada

VDB-68044

CPE

pronto

EPSS

0.22633

KEV

não

Atividades

muito baixo

Fontes

Want to know what is going to be exploited?

We predict KEV entries!