PHP 'exif_process_unicode()' Function Remote Code Execution Vulnerability

PHP is prone to a remote code-execution vulnerability.

Successfully exploiting this issue may allow remote attackers to execute arbitrary code in the context of a webserver. Failed attempts will likely result in denial-of-service conditions.

The following are vulnerable:

PHP 5.4.x prior to 5.4.37
PHP 5.5.x prior to 5.5.21
PHP 5.6.x prior to 5.6.5


 

Privacy Statement
Copyright 2010, SecurityFocus