Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Openpkg | Openpkg | 2.1 (including) | 2.1 (including) |
Openpkg | Openpkg | 2.2 (including) | 2.2 (including) |
Openpkg | Openpkg | current (including) | current (including) |
Php | Php | 3.0 (including) | 3.0 (including) |
Php | Php | 3.0.1 (including) | 3.0.1 (including) |
Php | Php | 3.0.2 (including) | 3.0.2 (including) |
Php | Php | 3.0.3 (including) | 3.0.3 (including) |
Php | Php | 3.0.4 (including) | 3.0.4 (including) |
Php | Php | 3.0.5 (including) | 3.0.5 (including) |
Php | Php | 3.0.6 (including) | 3.0.6 (including) |
Php | Php | 3.0.7 (including) | 3.0.7 (including) |
Php | Php | 3.0.8 (including) | 3.0.8 (including) |
Php | Php | 3.0.9 (including) | 3.0.9 (including) |
Php | Php | 3.0.10 (including) | 3.0.10 (including) |
Php | Php | 3.0.11 (including) | 3.0.11 (including) |
Php | Php | 3.0.12 (including) | 3.0.12 (including) |
Php | Php | 3.0.13 (including) | 3.0.13 (including) |
Php | Php | 3.0.14 (including) | 3.0.14 (including) |
Php | Php | 3.0.15 (including) | 3.0.15 (including) |
Php | Php | 3.0.16 (including) | 3.0.16 (including) |
Php | Php | 3.0.17 (including) | 3.0.17 (including) |
Php | Php | 3.0.18 (including) | 3.0.18 (including) |
Php | Php | 4.0 (including) | 4.0 (including) |
Php | Php | 4.0.1 (including) | 4.0.1 (including) |
Php | Php | 4.0.1-patch1 (including) | 4.0.1-patch1 (including) |
Php | Php | 4.0.1-patch2 (including) | 4.0.1-patch2 (including) |
Php | Php | 4.0.2 (including) | 4.0.2 (including) |
Php | Php | 4.0.3 (including) | 4.0.3 (including) |
Php | Php | 4.0.3-patch1 (including) | 4.0.3-patch1 (including) |
Php | Php | 4.0.4 (including) | 4.0.4 (including) |
Php | Php | 4.0.5 (including) | 4.0.5 (including) |
Php | Php | 4.0.6 (including) | 4.0.6 (including) |
Php | Php | 4.0.7 (including) | 4.0.7 (including) |
Php | Php | 4.0.7-rc1 (including) | 4.0.7-rc1 (including) |
Php | Php | 4.0.7-rc2 (including) | 4.0.7-rc2 (including) |
Php | Php | 4.0.7-rc3 (including) | 4.0.7-rc3 (including) |
Php | Php | 4.1.0 (including) | 4.1.0 (including) |
Php | Php | 4.1.1 (including) | 4.1.1 (including) |
Php | Php | 4.1.2 (including) | 4.1.2 (including) |
Php | Php | 4.2 (including) | 4.2 (including) |
Php | Php | 4.2.0 (including) | 4.2.0 (including) |
Php | Php | 4.2.1 (including) | 4.2.1 (including) |
Php | Php | 4.2.2 (including) | 4.2.2 (including) |
Php | Php | 4.2.3 (including) | 4.2.3 (including) |
Php | Php | 4.3.0 (including) | 4.3.0 (including) |
Php | Php | 4.3.1 (including) | 4.3.1 (including) |
Php | Php | 4.3.2 (including) | 4.3.2 (including) |
Php | Php | 4.3.3 (including) | 4.3.3 (including) |
Php | Php | 4.3.4 (including) | 4.3.4 (including) |
Php | Php | 4.3.5 (including) | 4.3.5 (including) |
Php | Php | 4.3.6 (including) | 4.3.6 (including) |
Php | Php | 4.3.7 (including) | 4.3.7 (including) |
Php | Php | 4.3.8 (including) | 4.3.8 (including) |
Php | Php | 4.3.9 (including) | 4.3.9 (including) |
Php | Php | 5.0-rc1 (including) | 5.0-rc1 (including) |
Php | Php | 5.0-rc2 (including) | 5.0-rc2 (including) |
Php | Php | 5.0-rc3 (including) | 5.0-rc3 (including) |
Php | Php | 5.0.0 (including) | 5.0.0 (including) |
Php | Php | 5.0.1 (including) | 5.0.1 (including) |
Php | Php | 5.0.2 (including) | 5.0.2 (including) |
Red Hat Enterprise Linux 3 | RedHat | php-0:4.3.2-19.ent | * |
Red Hat Enterprise Linux 4 | RedHat | php-0:4.3.9-3.2 | * |
Php4 | Ubuntu | dapper | * |
Php4 | Ubuntu | edgy | * |
Php5 | Ubuntu | dapper | * |
Php5 | Ubuntu | devel | * |
Php5 | Ubuntu | edgy | * |
Php5 | Ubuntu | feisty | * |