• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

PHP Group Exif Module IFD Tag Integer Overflow Vulnerability

PHP is prone to an integer overflow vulnerability in the EXIF module. This issue is exposed when malformed IFD (Image File Directory) tags are processed.

This issue could manifest itself in Web applications that allow users to upload images. Any other application that processes untrusted EXIF image data could also be exposed to attacks. Successful exploitation may allow for execution of arbitrary code.

This vulnerability may be one of the issues described in BID 13143 "PHP Group PHP Multiple Unspecified Vulnerabilities".