OSVDB ID: 15184 Title: PHP image.c php_next_marker Function JPEG Processing DoS |
Info |
|
|
Dates |
||||
|
|
Description |
PHP contains a flaw that may allow a remote attacker to cause a denial of service. The issue is due to the php_next_marker function in image.c, as reachable by the getimagesize PHP function, not properly sanitizing user-supplied input. By supplying a negative length value to the php_stream_seek, an attacker can cause an infinite loop and exhaust system resources. |
Classification |
Location:
Remote / Network Access
Attack Type: Denial of Service, Input Manipulation Impact: Loss of Availability Exploit: Exploit Rumored Disclosure: OSVDB Verified, Vendor Verified |
Solution |
Upgrade to version 4.3.11, 5.0.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds. |
Products |
|
Credit |
|