Test Kennung:	1.3.6.1.4.1.25623.1.0.802349
Kategorie:	Denial of Service
Titel:	PHP EXIF Header Denial of Service Vulnerability (Windows)
Zusammenfassung:	PHP is prone to a denial of service (DoS) vulnerability.
Beschreibung:	Summary: PHP is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The flaw is due to an integer overflow error in 'exif_process_IFD_TAG' function in the 'ext/exif/exif.c' file, Allows remote attackers to cause denial of service via crafted offset_val value in an EXIF header. Vulnerability Impact: Successful exploitation allows remote attackers to execute arbitrary code, obtain sensitive information or cause a denial of service. Affected Software/OS: PHP version 5.4.0 beta 2 on Windows. Solution: Update to PHP version 5.4.0 beta 4 or later. CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4566 http://lists.apple.com/archives/security-announce/2012/May/msg00001.html BugTraq ID: 50907 http://www.securityfocus.com/bid/50907 Debian Security Information: DSA-2399 (Google Search) http://www.debian.org/security/2012/dsa-2399 http://www.mandriva.com/security/advisories?name=MDVSA-2011:197 http://www.redhat.com/support/errata/RHSA-2012-0019.html RedHat Security Advisories: RHSA-2012:0071 http://rhn.redhat.com/errata/RHSA-2012-0071.html http://secunia.com/advisories/47253 http://secunia.com/advisories/48668 SuSE Security Announcement: openSUSE-SU-2012:0426 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html https://www.ubuntu.com/usn/USN-1307-1/ XForce ISS Database: php-exifprocessifdtag-dos(71612) https://exchange.xforce.ibmcloud.com/vulnerabilities/71612
Copyright	Copyright (C) 2011 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.