• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

PHP Group PHP Remote JPEG File Format Remote Denial Of Service Vulnerability

A remote denial of service vulnerability affects PHP Group PHP. This issue is due to a failure of the application to properly handle maliciously crafted JPEG image files.

It should be noted that this vulnerability can only be exploited remotely if a Web based PHP application is implemented that allows user-supplied images to be processed by the 'getimagesize()' function. The 'getimagesize()' is commonly implemented in PHP Web applications that allow for the display of images.

An attacker may leverage this issue to cause the affected script interpreter to consume excessive processing resources on an affected computer, leading to a denial of service condition.