Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2005-3353

The exif_read_data function in the Exif module in PHP before 4.4.1 allows remote attackers to cause a denial of service (infinite loop) via a malformed JPEG image.

Related bugs and status

CVE-2005-3353 (Candidate) is related to these bugs:

Bug #24363: php-pear: pear upgrade-all gives me Fatal error: Cannot instantiate

Summary				In	Importance	Status
	24363	php-pear: pear upgrade-all gives me Fatal error: Cannot instantiate		php5 (Ubuntu)	High	Invalid
	24363	php-pear: pear upgrade-all gives me Fatal error: Cannot instantiate		php5 (Debian)	Unknown	Fix Released

Bug #24857: PHP 5.0.5 fixes security bugs

Summary				In	Importance	Status
	24857	PHP 5.0.5 fixes security bugs		php5 (Ubuntu)	High	Fix Released
	24857	PHP 5.0.5 fixes security bugs		php5 (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://bugs.php.net/bu...
MISC: http://www.securityfoc...
MISC: http://www.securityfoc...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://securityreason....
MISC: http://www.vupen.com/e...
MISC: http://www.vupen.com/e...
MISC: http://lists.apple.com...
MISC: http://www.debian.org/...
MISC: http://www.fedoralegac...
MISC: http://itrc.hp.com/ser...
MISC: http://www.mandriva.co...
MISC: http://www.openpkg.org...
MISC: http://rhn.redhat.com/...
MISC: http://www.securityfoc...
MISC: http://www.us-cert.gov...
MISC: http://www.turbolinux....
MISC: https://www.ubuntu.com...
MISC: http://docs.info.apple...
MISC: http://www.php.net/Cha...
MISC: https://oval.cisecurit...
MISC: https://exchange.xforc...