Signature Detail

HTTP: PHP Exif Extension Thumbnail Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the PHP. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the application.

Extended Description

The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted JPEG image with TIFF thumbnail data that is improperly handled by the exif_thumbnail function.

Affected Products

• Php php 5.4.0
• Php php 5.4.1
• Php php 5.4.10
• Php php 5.4.11
• Php php 5.4.12
• Php php 5.4.13
• Php php 5.4.14
• Php php 5.4.15
• Php php 5.4.16
• Php php 5.4.17
• Php php 5.4.18
• Php php 5.4.19
• Php php 5.4.2
• Php php 5.4.20
• Php php 5.4.21
• Php php 5.4.22
• Php php 5.4.23
• Php php 5.4.24
• Php php 5.4.25
• Php php 5.4.26
• Php php 5.4.27
• Php php 5.4.28
• Php php 5.4.29
• Php php 5.4.3
• Php php 5.4.30
• Php php 5.4.31
• Php php 5.4.32
• Php php 5.4.33
• Php php 5.4.4
• Php php 5.4.5
• Php php 5.4.6
• Php php 5.4.7
• Php php 5.4.8
• Php php 5.4.9
• Php php 5.5.0
• Php php 5.5.1
• Php php 5.5.10
• Php php 5.5.11
• Php php 5.5.12
• Php php 5.5.13
• Php php 5.5.14
• Php php 5.5.15
• Php php 5.5.16
• Php php 5.5.17
• Php php 5.5.2
• Php php 5.5.3
• Php php 5.5.4
• Php php 5.5.5
• Php php 5.5.6
• Php php 5.5.7
• Php php 5.5.8
• Php php 5.5.9
• Php php 5.6.0
• Php php 5.6.1

References

• CVE: CVE-2014-3670