ByteOS Network

CVE Vulnerability Details :

CVE-2011-0708

PUBLISHED

More Info Official Page

Assigner-redhat

Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749

Published At-20 Mar, 2011 | 01:00

Updated At-06 Aug, 2024 | 21:58

▼CVE Numbering Authority (CNA)

exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://marc.info/?l=bugtraq&m=133469208622507&w=2	vendor-advisory x_refsource_HP
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html	vendor-advisory x_refsource_FEDORA
http://www.vupen.com/english/advisories/2011/0764	vdb-entry x_refsource_VUPEN
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html	vendor-advisory x_refsource_FEDORA
http://www.exploit-db.com/exploits/16261/	exploit x_refsource_EXPLOIT-DB
https://bugzilla.redhat.com/show_bug.cgi?id=680972	x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDVSA-2011:053	vendor-advisory x_refsource_MANDRIVA
http://www.debian.org/security/2011/dsa-2266	vendor-advisory x_refsource_DEBIAN
http://www.vupen.com/english/advisories/2011/0890	vdb-entry x_refsource_VUPEN
http://www.php.net/releases/5_3_6.php	x_refsource_CONFIRM
http://www.php.net/ChangeLog-5.php	x_refsource_CONFIRM
http://www.php.net/archive/2011.php	x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=133469208622507&w=2	vendor-advisory x_refsource_HP
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html	vendor-advisory x_refsource_APPLE
http://bugs.php.net/bug.php?id=54002	x_refsource_CONFIRM
http://openwall.com/lists/oss-security/2011/02/16/7	mailing-list x_refsource_MLIST
http://www.redhat.com/support/errata/RHSA-2011-1423.html	vendor-advisory x_refsource_REDHAT
http://openwall.com/lists/oss-security/2011/02/14/1	mailing-list x_refsource_MLIST
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html	vendor-advisory x_refsource_FEDORA
http://www.mandriva.com/security/advisories?name=MDVSA-2011:052	vendor-advisory x_refsource_MANDRIVA
http://securityreason.com/securityalert/8114	third-party-advisory x_refsource_SREASON
http://www.securityfocus.com/bid/46365	vdb-entry x_refsource_BID
http://www.vupen.com/english/advisories/2011/0744	vdb-entry x_refsource_VUPEN
http://rhn.redhat.com/errata/RHSA-2012-0071.html	vendor-advisory x_refsource_REDHAT
http://support.apple.com/kb/HT5002	x_refsource_CONFIRM
http://svn.php.net/viewvc?view=revision&revision=308316	x_refsource_CONFIRM

Hyperlink: http://marc.info/?l=bugtraq&m=133469208622507&w=2

Resource:

vendor-advisory

x_refsource_HP

Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html

Resource:

vendor-advisory

x_refsource_FEDORA

Hyperlink: http://www.vupen.com/english/advisories/2011/0764

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html

Resource:

vendor-advisory

x_refsource_FEDORA

Hyperlink: http://www.exploit-db.com/exploits/16261/

Resource:

exploit

x_refsource_EXPLOIT-DB

Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=680972

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:053

Resource:

vendor-advisory

x_refsource_MANDRIVA

Hyperlink: http://www.debian.org/security/2011/dsa-2266

Resource:

vendor-advisory

x_refsource_DEBIAN

Hyperlink: http://www.vupen.com/english/advisories/2011/0890

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://www.php.net/releases/5_3_6.php

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.php.net/ChangeLog-5.php

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.php.net/archive/2011.php

Resource:

x_refsource_CONFIRM

Hyperlink: http://marc.info/?l=bugtraq&m=133469208622507&w=2

Resource:

vendor-advisory

x_refsource_HP

Hyperlink: http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html

Resource:

vendor-advisory

x_refsource_APPLE

Hyperlink: http://bugs.php.net/bug.php?id=54002

Resource:

x_refsource_CONFIRM

Hyperlink: http://openwall.com/lists/oss-security/2011/02/16/7

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1423.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://openwall.com/lists/oss-security/2011/02/14/1

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html

Resource:

vendor-advisory

x_refsource_FEDORA

Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:052

Resource:

vendor-advisory

x_refsource_MANDRIVA

Hyperlink: http://securityreason.com/securityalert/8114

Resource:

third-party-advisory

x_refsource_SREASON

Hyperlink: http://www.securityfocus.com/bid/46365

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://www.vupen.com/english/advisories/2011/0744

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-0071.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://support.apple.com/kb/HT5002

Resource:

x_refsource_CONFIRM

Hyperlink: http://svn.php.net/viewvc?view=revision&revision=308316

Resource:

x_refsource_CONFIRM

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://marc.info/?l=bugtraq&m=133469208622507&w=2	vendor-advisory x_refsource_HP x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html	vendor-advisory x_refsource_FEDORA x_transferred
http://www.vupen.com/english/advisories/2011/0764	vdb-entry x_refsource_VUPEN x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html	vendor-advisory x_refsource_FEDORA x_transferred
http://www.exploit-db.com/exploits/16261/	exploit x_refsource_EXPLOIT-DB x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=680972	x_refsource_CONFIRM x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2011:053	vendor-advisory x_refsource_MANDRIVA x_transferred
http://www.debian.org/security/2011/dsa-2266	vendor-advisory x_refsource_DEBIAN x_transferred
http://www.vupen.com/english/advisories/2011/0890	vdb-entry x_refsource_VUPEN x_transferred
http://www.php.net/releases/5_3_6.php	x_refsource_CONFIRM x_transferred
http://www.php.net/ChangeLog-5.php	x_refsource_CONFIRM x_transferred
http://www.php.net/archive/2011.php	x_refsource_CONFIRM x_transferred
http://marc.info/?l=bugtraq&m=133469208622507&w=2	vendor-advisory x_refsource_HP x_transferred
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html	vendor-advisory x_refsource_APPLE x_transferred
http://bugs.php.net/bug.php?id=54002	x_refsource_CONFIRM x_transferred
http://openwall.com/lists/oss-security/2011/02/16/7	mailing-list x_refsource_MLIST x_transferred
http://www.redhat.com/support/errata/RHSA-2011-1423.html	vendor-advisory x_refsource_REDHAT x_transferred
http://openwall.com/lists/oss-security/2011/02/14/1	mailing-list x_refsource_MLIST x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html	vendor-advisory x_refsource_FEDORA x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2011:052	vendor-advisory x_refsource_MANDRIVA x_transferred
http://securityreason.com/securityalert/8114	third-party-advisory x_refsource_SREASON x_transferred
http://www.securityfocus.com/bid/46365	vdb-entry x_refsource_BID x_transferred
http://www.vupen.com/english/advisories/2011/0744	vdb-entry x_refsource_VUPEN x_transferred
http://rhn.redhat.com/errata/RHSA-2012-0071.html	vendor-advisory x_refsource_REDHAT x_transferred
http://support.apple.com/kb/HT5002	x_refsource_CONFIRM x_transferred
http://svn.php.net/viewvc?view=revision&revision=308316	x_refsource_CONFIRM x_transferred