| Vulnerability Name: | CVE-2005-0525 (CCN-19924) | ||||||||||||||||||||||||||||
| Assigned: | 2005-03-31 | ||||||||||||||||||||||||||||
| Published: | 2005-03-31 | ||||||||||||||||||||||||||||
| Updated: | 2018-05-03 | ||||||||||||||||||||||||||||
| Summary: | The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a JPEG image with an invalid marker value, which causes a negative length value to be passed to php_stream_seek. | ||||||||||||||||||||||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||||||||||||||||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
| ||||||||||||||||||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||||||||||||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||||||||||||||||||||||
| References: | Source: CCN Type: Neohapsis Archive - Bugtraq #0294 SECURITY] [DSA 729-1] New PHP4 packages fix denial of service Source: MITRE Type: CNA CVE-2005-0525 Source: APPLE Type: UNKNOWN APPLE-SA-2005-06-08 Source: CCN Type: RHSA-2005-405 PHP security update Source: CCN Type: RHSA-2005-406 PHP security update Source: CCN Type: SA14792 PHP Multiple Vulnerabilities Source: SECUNIA Type: Patch 14792 Source: CCN Type: SECTRACK ID: 1013619 PHP Infinite Loops in getimagesize() Lets Users Deny Service Source: SECTRACK Type: UNKNOWN 1013619 Source: CCN Type: CIAC INFORMATION BULLETIN P-197 PHP Security Bugs Source: DEBIAN Type: Patch DSA-708 Source: DEBIAN Type: UNKNOWN DSA-729 Source: DEBIAN Type: DSA-708 php3 -- missing input sanitising Source: DEBIAN Type: DSA-729 php4 -- missing input sanitising Source: CCN Type: GLSA-200504-15 PHP: Multiple vulnerabilities Source: GENTOO Type: UNKNOWN GLSA-200504-15 Source: CCN Type: iDEFENSE Security Advisory 03.31.05 PHP getimagesize() Multiple Denial of Service Vulnerabilities Source: MANDRAKE Type: UNKNOWN MDKSA-2005:072 Source: OSVDB Type: UNKNOWN 15184 Source: CCN Type: OSVDB ID: 15184 PHP image.c php_next_marker Function JPEG Processing DoS Source: CCN Type: PHP Web site PHP 5.0.4 and 4.3.11 Released Source: REDHAT Type: UNKNOWN RHSA-2005:405 Source: REDHAT Type: UNKNOWN RHSA-2005:406 Source: IDEFENSE Type: Exploit, Vendor Advisory 20050331 PHP getimagesize() Multiple Denial of Service Vulnerabilities Source: CCN Type: BID-12963 PHP Group PHP Remote JPEG File Format Remote Denial Of Service Vulnerability Source: CCN Type: TLSA-2005-50 Multiple vulnerabilities exist in php Source: CCN Type: USN-105-1 PHP4 vulnerabilities Source: VUPEN Type: UNKNOWN ADV-2005-0305 Source: XF Type: UNKNOWN php-phphandlejpeg-dos(19924) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:11703 Source: SUSE Type: SUSE-SA:2005:023 php4 php5: remote denial of service | ||||||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration RedHat 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||||||