CVE-2005-1043

exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.

Published : 2005-04-14 04:00 Updated : 2018-10-30 16:25

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Php Php 4.3.8 cpe:/a:php:php:4.3.8
Php Php 4.3.7 cpe:/a:php:php:4.3.7
Suse Suse Linux 6.1 cpe:/o:suse:suse_linux:6.1:alpha
Suse Suse Linux 6.4 cpe:/o:suse:suse_linux:6.4:alpha
Apple Mac Os X 10.4 cpe:/o:apple:mac_os_x:10.4
Php Php 4.3.10 cpe:/a:php:php:4.3.10
Suse Suse Linux 4.4.1 cpe:/o:suse:suse_linux:4.4.1
Suse Suse Linux 6.3 cpe:/o:suse:suse_linux:6.3:alpha
Php Php 4.3.2 cpe:/a:php:php:4.3.2
Php Php 4.3.1 cpe:/a:php:php:4.3.1
Php Php 4.3.4 cpe:/a:php:php:4.3.4
Php Php 4.3.3 cpe:/a:php:php:4.3.3
Php Php 4.3.9 cpe:/a:php:php:4.3.9
Apple Mac Os X 10.3.9 cpe:/o:apple:mac_os_x:10.3.9
Suse Suse Linux 7.3 cpe:/o:suse:suse_linux:7.3::sparc
Php Php 4.3.6 cpe:/a:php:php:4.3.6
Php Php 4.3.5 cpe:/a:php:php:4.3.5
Suse Suse Linux 7.0 cpe:/o:suse:suse_linux:7.0::sparc
Suse Suse Linux 4.4 cpe:/o:suse:suse_linux:4.4
Suse Suse Linux 6.2 cpe:/o:suse:suse_linux:6.2
Suse Suse Linux 8.0 cpe:/o:suse:suse_linux:8.0
Suse Suse Linux 4.2 cpe:/o:suse:suse_linux:4.2
Suse Suse Linux 6.3 cpe:/o:suse:suse_linux:6.3
Suse Suse Linux 7.0 cpe:/o:suse:suse_linux:7.0::i386
Suse Suse Linux 7.1 cpe:/o:suse:suse_linux:7.1::sparc
Suse Suse Linux 8.1 cpe:/o:suse:suse_linux:8.1
Suse Suse Linux 9.0 cpe:/o:suse:suse_linux:9.0::x86_64
Suse Suse Linux 6.0 cpe:/o:suse:suse_linux:6.0
Suse Suse Linux 7.2 cpe:/o:suse:suse_linux:7.2::i386
Suse Suse Linux 9.2 cpe:/o:suse:suse_linux:9.2::x86_64
Suse Suse Linux 9.1 cpe:/o:suse:suse_linux:9.1::x86_64
Suse Suse Linux 7.0 cpe:/o:suse:suse_linux:7.0::ppc
Conectiva Linux 9.0 cpe:/o:conectiva:linux:9.0
Apple Mac Os X Server 10.4.1 cpe:/o:apple:mac_os_x_server:10.4.1
Suse Suse Linux 7.3 cpe:/o:suse:suse_linux:7.3::i386
Suse Suse Linux 4.0 cpe:/o:suse:suse_linux:4.0
Suse Suse Linux 2.0 cpe:/o:suse:suse_linux:2.0
Suse Suse Linux 7.3 cpe:/o:suse:suse_linux:7.3::ppc
Suse Suse Linux 6.1 cpe:/o:suse:suse_linux:6.1
Suse Suse Linux 4.3 cpe:/o:suse:suse_linux:4.3
Suse Suse Linux 6.4 cpe:/o:suse:suse_linux:6.4
Suse Suse Linux 8.2 cpe:/o:suse:suse_linux:8.2
Suse Suse Linux 7.0 cpe:/o:suse:suse_linux:7.0:alpha
Suse Suse Linux 7.1 cpe:/o:suse:suse_linux:7.1::x86
Suse Suse Linux 7.1 cpe:/o:suse:suse_linux:7.1:alpha
Apple Mac Os X 10.4.1 cpe:/o:apple:mac_os_x:10.4.1
Apple Mac Os X Server 10.3.9 cpe:/o:apple:mac_os_x_server:10.3.9
Apple Mac Os X Server 10.4 cpe:/o:apple:mac_os_x_server:10.4
Suse Suse Linux 5.3 cpe:/o:suse:suse_linux:5.3
Conectiva Linux 10.0 cpe:/o:conectiva:linux:10.0
Suse Suse Linux 7.1 cpe:/o:suse:suse_linux:7.1
Suse Suse Linux 5.1 cpe:/o:suse:suse_linux:5.1
Suse Suse Linux 7.2 cpe:/o:suse:suse_linux:7.2
Suse Suse Linux 9.0 cpe:/o:suse:suse_linux:9.0
Sgi Propack 3.0 cpe:/a:sgi:propack:3.0
Peachtree Peachtree Linux release_1 cpe:/o:peachtree:peachtree_linux:release_1
Suse Suse Linux 8.0 cpe:/o:suse:suse_linux:8.0::i386
Suse Suse Linux 7.1 cpe:/o:suse:suse_linux:7.1::spa
Suse Suse Linux 6.3 cpe:/o:suse:suse_linux:6.3::ppc
Suse Suse Linux 6.4 cpe:/o:suse:suse_linux:6.4::i386
Suse Suse Linux 3.0 cpe:/o:suse:suse_linux:3.0
Suse Suse Linux 6.4 cpe:/o:suse:suse_linux:6.4::ppc
Suse Suse Linux 5.0 cpe:/o:suse:suse_linux:5.0
Suse Suse Linux 9.2 cpe:/o:suse:suse_linux:9.2
Suse Suse Linux 1.0 cpe:/o:suse:suse_linux:1.0
Suse Suse Linux 7.0 cpe:/o:suse:suse_linux:7.0
Suse Suse Linux 5.2 cpe:/o:suse:suse_linux:5.2
Suse Suse Linux 9.3 cpe:/o:suse:suse_linux:9.3
Suse Suse Linux 7.3 cpe:/o:suse:suse_linux:7.3
Suse Suse Linux 9.1 cpe:/o:suse:suse_linux:9.1
Php Php 4.3.0 cpe:/a:php:php:4.3.0
  1. Suse (1) Search CVE
    1. Suse Linux (28) Search CVE
      1. 6.1
      2. 6.4
      3. 4.4.1
      4. 6.3
      5. 7.3
      6. 7.0
      7. 4.4
      8. 6.2
      9. 8.0
      10. 4.2
      11. 7.1
      12. 8.1
      13. 9.0
      14. 6.0
      15. 7.2
      16. 9.2
      17. 9.1
      18. 4.0
      19. 2.0
      20. 4.3
      21. 8.2
      22. 5.3
      23. 5.1
      24. 3.0
      25. 5.0
      26. 1.0
      27. 5.2
      28. 9.3
  2. Conectiva (1) Search CVE
    1. Linux (2) Search CVE
      1. 9.0
      2. 10.0
  3. Php (1) Search CVE
    1. Php (11) Search CVE
      1. 4.3.8
      2. 4.3.7
      3. 4.3.10
      4. 4.3.2
      5. 4.3.1
      6. 4.3.4
      7. 4.3.3
      8. 4.3.9
      9. 4.3.6
      10. 4.3.5
      11. 4.3.0
  4. Apple (2) Search CVE
    1. Mac Os X Server (3) Search CVE
      1. 10.4.1
      2. 10.3.9
      3. 10.4
    2. Mac Os X (3) Search CVE
      1. 10.4
      2. 10.3.9
      3. 10.4.1
  5. Sgi (1) Search CVE
    1. Propack (1) Search CVE
      1. 3.0
  6. Peachtree (1) Search CVE
    1. Peachtree Linux (1) Search CVE
      1. Release_1

CWE

There is no CWE for this CVE.

History of changes

Date Event
2018-10-30 16:25
2018-10-03 21:30
2005-04-14 04:00

New CVE