1. CVE-Search
  2. CVE-2011-4566
ID CVE-2011-4566
Summary Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in a JPEG file, a different vulnerability than CVE-2011-0708.
References
Vulnerable Configurations
  • cpe:2.3:a:php:php:5.4.0:beta2:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.4.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.0:alpha1:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.0:alpha1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.0:alpha2:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.0:alpha2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.0:alpha3:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.0:alpha3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.0:rc4:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.0:rc4:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.1:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.1:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.1:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.1:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.1:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.1:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.1:rc3:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.1:rc3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.1:rc4:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.1:rc4:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.2:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.2:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.2:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.2:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.2:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.2:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.2:rc3:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.2:rc3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.3:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.3:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.3:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.3:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.3:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.3:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.3:rc3:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.3:rc3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.4:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.4:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.4:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.4:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.4:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.4:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.6:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.6:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.6:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.6:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.6:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.6:rc3:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.6:rc3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.7:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.7:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.7:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.7:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.7:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.7:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.7:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.7:rc3:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.7:rc3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.7:rc4:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.7:rc4:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.7:rc5:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.7:rc5:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.3.8:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.3.8:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
CVSS
Base: 6.4 (as of 29-08-2022 - 20:11)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:P
redhat via4
advisories
  • rhsa
    id RHSA-2012:0019
  • rhsa
    id RHSA-2012:0071
rpms
  • php-0:5.3.3-3.el6_2.5
  • php-bcmath-0:5.3.3-3.el6_2.5
  • php-cli-0:5.3.3-3.el6_2.5
  • php-common-0:5.3.3-3.el6_2.5
  • php-dba-0:5.3.3-3.el6_2.5
  • php-debuginfo-0:5.3.3-3.el6_2.5
  • php-devel-0:5.3.3-3.el6_2.5
  • php-embedded-0:5.3.3-3.el6_2.5
  • php-enchant-0:5.3.3-3.el6_2.5
  • php-gd-0:5.3.3-3.el6_2.5
  • php-imap-0:5.3.3-3.el6_2.5
  • php-intl-0:5.3.3-3.el6_2.5
  • php-ldap-0:5.3.3-3.el6_2.5
  • php-mbstring-0:5.3.3-3.el6_2.5
  • php-mysql-0:5.3.3-3.el6_2.5
  • php-odbc-0:5.3.3-3.el6_2.5
  • php-pdo-0:5.3.3-3.el6_2.5
  • php-pgsql-0:5.3.3-3.el6_2.5
  • php-process-0:5.3.3-3.el6_2.5
  • php-pspell-0:5.3.3-3.el6_2.5
  • php-recode-0:5.3.3-3.el6_2.5
  • php-snmp-0:5.3.3-3.el6_2.5
  • php-soap-0:5.3.3-3.el6_2.5
  • php-tidy-0:5.3.3-3.el6_2.5
  • php-xml-0:5.3.3-3.el6_2.5
  • php-xmlrpc-0:5.3.3-3.el6_2.5
  • php-zts-0:5.3.3-3.el6_2.5
  • php53-0:5.3.3-1.el5_7.5
  • php53-bcmath-0:5.3.3-1.el5_7.5
  • php53-cli-0:5.3.3-1.el5_7.5
  • php53-common-0:5.3.3-1.el5_7.5
  • php53-dba-0:5.3.3-1.el5_7.5
  • php53-debuginfo-0:5.3.3-1.el5_7.5
  • php53-devel-0:5.3.3-1.el5_7.5
  • php53-gd-0:5.3.3-1.el5_7.5
  • php53-imap-0:5.3.3-1.el5_7.5
  • php53-intl-0:5.3.3-1.el5_7.5
  • php53-ldap-0:5.3.3-1.el5_7.5
  • php53-mbstring-0:5.3.3-1.el5_7.5
  • php53-mysql-0:5.3.3-1.el5_7.5
  • php53-odbc-0:5.3.3-1.el5_7.5
  • php53-pdo-0:5.3.3-1.el5_7.5
  • php53-pgsql-0:5.3.3-1.el5_7.5
  • php53-process-0:5.3.3-1.el5_7.5
  • php53-pspell-0:5.3.3-1.el5_7.5
  • php53-snmp-0:5.3.3-1.el5_7.5
  • php53-soap-0:5.3.3-1.el5_7.5
  • php53-xml-0:5.3.3-1.el5_7.5
  • php53-xmlrpc-0:5.3.3-1.el5_7.5
  • php-0:5.1.6-27.el5_7.4
  • php-bcmath-0:5.1.6-27.el5_7.4
  • php-cli-0:5.1.6-27.el5_7.4
  • php-common-0:5.1.6-27.el5_7.4
  • php-dba-0:5.1.6-27.el5_7.4
  • php-debuginfo-0:5.1.6-27.el5_7.4
  • php-devel-0:5.1.6-27.el5_7.4
  • php-gd-0:5.1.6-27.el5_7.4
  • php-imap-0:5.1.6-27.el5_7.4
  • php-ldap-0:5.1.6-27.el5_7.4
  • php-mbstring-0:5.1.6-27.el5_7.4
  • php-mysql-0:5.1.6-27.el5_7.4
  • php-ncurses-0:5.1.6-27.el5_7.4
  • php-odbc-0:5.1.6-27.el5_7.4
  • php-pdo-0:5.1.6-27.el5_7.4
  • php-pgsql-0:5.1.6-27.el5_7.4
  • php-snmp-0:5.1.6-27.el5_7.4
  • php-soap-0:5.1.6-27.el5_7.4
  • php-xml-0:5.1.6-27.el5_7.4
  • php-xmlrpc-0:5.1.6-27.el5_7.4
  • php-0:4.3.9-3.35
  • php-debuginfo-0:4.3.9-3.35
  • php-devel-0:4.3.9-3.35
  • php-domxml-0:4.3.9-3.35
  • php-gd-0:4.3.9-3.35
  • php-imap-0:4.3.9-3.35
  • php-ldap-0:4.3.9-3.35
  • php-mbstring-0:4.3.9-3.35
  • php-mysql-0:4.3.9-3.35
  • php-ncurses-0:4.3.9-3.35
  • php-odbc-0:4.3.9-3.35
  • php-pear-0:4.3.9-3.35
  • php-pgsql-0:4.3.9-3.35
  • php-snmp-0:4.3.9-3.35
  • php-xmlrpc-0:4.3.9-3.35
refmap via4
apple APPLE-SA-2012-05-09-1
bid 50907
confirm
debian DSA-2399
mandriva MDVSA-2011:197
secunia
  • 47253
  • 48668
suse openSUSE-SU-2012:0426
ubuntu USN-1307-1
xf php-exifprocessifdtag-dos(71612)
Last major update 29-08-2022 - 20:11
Published 29-11-2011 - 00:55
Last modified 29-08-2022 - 20:11
Back to Top