Vulnerability in Apple Mac_os_x
CVE-2005-1043
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
EPSS: 0.019 (77.3rd percentile)
Affected products
- Apple Mac_os_x — versions 10.3.9, 10.4, 10.4.1
- Apple Mac_os_x_server — versions 10.3.9, 10.4, 10.4.1
- Conectiva Linux — versions 9.0, 10.0
- Peachtree Peachtree_linux — versions release_1
- Php — versions 4.3.0, 4.3.1, 4.3.2
- Sgi Propack — versions 3.0
- Suse Suse_linux — versions 1.0, 2.0, 3.0