fkie_nvd - fkie_cve-2014-3670

fkie_cve-2014-3670

Vulnerability from fkie_nvd

Published

2014-10-29 10:55

Modified

2025-04-12 10:46

Severity ?

Summary

The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted JPEG image with TIFF thumbnail data that is improperly handled by the exif_thumbnail function.

References

URL	Tags
secalert@redhat.com	http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=ddb207e7fa2e9adeba021a1303c3781efda5409b
secalert@redhat.com	http://linux.oracle.com/errata/ELSA-2014-1767.html
secalert@redhat.com	http://linux.oracle.com/errata/ELSA-2014-1768.html
secalert@redhat.com	http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-updates/2014-11/msg00024.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-updates/2014-11/msg00034.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-updates/2015-01/msg00006.html
secalert@redhat.com	http://php.net/ChangeLog-5.php
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2014-1765.html
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2014-1766.html
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2014-1767.html
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2014-1768.html
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2014-1824.html
secalert@redhat.com	http://secunia.com/advisories/59967
secalert@redhat.com	http://secunia.com/advisories/60630
secalert@redhat.com	http://secunia.com/advisories/60699
secalert@redhat.com	http://secunia.com/advisories/61763
secalert@redhat.com	http://secunia.com/advisories/61970
secalert@redhat.com	http://secunia.com/advisories/61982
secalert@redhat.com	http://www.debian.org/security/2014/dsa-3064
secalert@redhat.com	http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
secalert@redhat.com	http://www.securityfocus.com/bid/70665
secalert@redhat.com	http://www.ubuntu.com/usn/USN-2391-1
secalert@redhat.com	https://bugs.php.net/bug.php?id=68113	Exploit, Patch, Vendor Advisory
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=1154502
secalert@redhat.com	https://support.apple.com/HT204659
af854a3a-2127-422b-91ae-364da2661108	http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=ddb207e7fa2e9adeba021a1303c3781efda5409b
af854a3a-2127-422b-91ae-364da2661108	http://linux.oracle.com/errata/ELSA-2014-1767.html
af854a3a-2127-422b-91ae-364da2661108	http://linux.oracle.com/errata/ELSA-2014-1768.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2014-11/msg00024.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2014-11/msg00034.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2015-01/msg00006.html
af854a3a-2127-422b-91ae-364da2661108	http://php.net/ChangeLog-5.php
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1765.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1766.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1767.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1768.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1824.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/59967
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60630
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60699
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61763
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61970
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61982
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2014/dsa-3064
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/70665
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2391-1
af854a3a-2127-422b-91ae-364da2661108	https://bugs.php.net/bug.php?id=68113	Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1154502
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT204659

Impacted products

Vendor	Product	Version
php	php	*
php	php	5.4.0
php	php	5.4.1
php	php	5.4.2
php	php	5.4.3
php	php	5.4.4
php	php	5.4.5
php	php	5.4.6
php	php	5.4.7
php	php	5.4.8
php	php	5.4.9
php	php	5.4.10
php	php	5.4.11
php	php	5.4.12
php	php	5.4.12
php	php	5.4.12
php	php	5.4.13
php	php	5.4.13
php	php	5.4.14
php	php	5.4.14
php	php	5.4.15
php	php	5.4.16
php	php	5.4.17
php	php	5.4.18
php	php	5.4.19
php	php	5.4.20
php	php	5.4.21
php	php	5.4.22
php	php	5.4.23
php	php	5.4.24
php	php	5.4.25
php	php	5.4.26
php	php	5.4.27
php	php	5.4.28
php	php	5.4.29
php	php	5.4.30
php	php	5.4.31
php	php	5.4.32
php	php	5.5.0
php	php	5.5.0
php	php	5.5.0
php	php	5.5.0
php	php	5.5.0
php	php	5.5.0
php	php	5.5.0
php	php	5.5.0
php	php	5.5.0
php	php	5.5.0
php	php	5.5.0
php	php	5.5.0
php	php	5.5.0
php	php	5.5.1
php	php	5.5.2
php	php	5.5.3
php	php	5.5.4
php	php	5.5.5
php	php	5.5.6
php	php	5.5.7
php	php	5.5.8
php	php	5.5.9
php	php	5.5.10
php	php	5.5.11
php	php	5.5.12
php	php	5.5.13
php	php	5.5.14
php	php	5.5.15
php	php	5.5.16
php	php	5.5.17
php	php	5.6.0
php	php	5.6.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "324E4135-7908-46DF-A34B-5665D28C8999",
              "versionEndIncluding": "5.4.33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7B9B8D2-78B7-4B17-955B-741C7A6F6634",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CA2A940-BD69-4D35-AF12-432CB929248B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "29BD13F9-86C8-44C4-A860-9A87870A518E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B361FDE-9F6A-4E9A-96F1-619DC56EECB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DBD9E7B-1237-47A8-8A07-5CC5246A9C5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F2BB41E-2096-4291-B0ED-06825FDFE8BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "52BA94F7-1AF9-415C-AC21-30BC25C74C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0A739A0-698A-422B-886B-430A79F6E945",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "086E0D24-A43E-4CEA-9FB0-FE193B88CC31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC8D0963-8CA5-4814-9B6D-4E1C3907737B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "77A4B7E0-C872-4E53-AD72-1BB2755E4FDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "EECCD553-53D5-485E-8C21-E2A5070833B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "95357C79-A754-4E0C-B65B-0FA241962B12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "25EAF9A9-F7A1-4AC7-BCFD-769BE0FDB537",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "74EA8037-7C22-48B3-9FA2-4BFFFFD513D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8D1254E-0C72-4958-BA7F-5B818C3ACB15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "92994FFC-F362-48AC-9CA8-8EBCAC880C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "21131DF1-1EE5-4C84-B1E0-FA75BC39B344",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "0B23F85D-465B-4176-9798-E78AADE421EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.15:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "ADEE52B4-8392-4321-8C00-FABA6270E728",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.16:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "57D74F58-DB3A-4A70-93CF-B350DB65EF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAEE86A0-C3FC-446E-8DF0-4FA32F741E1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "90B670B6-A211-40C6-A8A0-1B0188EF891F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAAC4776-F3FF-42D8-AC6E-4746987D30BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "41DC16B7-7A45-4BDE-B340-F17D97CA3BDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FD7C2E6-9B34-4890-A0D1-39BB8ECA47E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F8F72EC-7431-4B36-89EF-E7593ACFBFEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "86E9AC84-430D-4FDA-8FFE-B77E17803A11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "5238A7AE-D3FD-4465-95D7-F9C8787F9463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B877725-43E7-479E-9FA3-6D2FFE89B620",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB33BBC0-9D17-4369-A52D-B4B65150380A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "95E112B5-12CC-40D5-AA1E-B5FB1ABC831E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "B078B1E5-14BD-4004-8384-4656E1063EC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "27BB02F3-99A1-428C-A3C9-614B1277C88D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "42873F3E-55BA-4CF3-BA13-13E49E59C363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "98C7A829-D27A-401E-A525-3327750A1FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A647D7F-29A9-40CE-9F15-A53D15DDC18F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F6D9B19-E64D-4BED-9194-17460CE19E6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*",
              "matchCriteriaId": "3D25E591-448C-4E3B-8557-6E48F7571796",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*",
              "matchCriteriaId": "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*",
              "matchCriteriaId": "3AF783C9-26E7-4E02-BD41-77B9783667E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*",
              "matchCriteriaId": "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*",
              "matchCriteriaId": "7AEDF6F7-001D-4A35-A26F-417991AD377F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*",
              "matchCriteriaId": "4031DB99-B4B4-41EC-B3C1-543D92C575A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "D5450EA7-A398-49D2-AA8E-7C95B074BAB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "BB8E09D8-9CBE-4279-88B7-24A214A5A537",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*",
              "matchCriteriaId": "2D41ECCE-887D-49A2-9BB3-B559495AC55B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "79B418BC-27F4-4443-A0F7-FF4ADA568C1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F644EA6C-50C6-4A1C-A4AC-287AA9477B46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DD47F30-74F5-48E8-8657-C2373FE2BD22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C09527B-6B47-41F8-BDE6-01C47E452286",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E454D87-23CB-4D7F-90FE-942EE54D661F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "130E50C1-D209-4CFF-9399-69D561340FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F29948-9417-460B-8B04-D91AE4E8B423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "093D08B7-CC3C-4616-8697-F15B253A7D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "A30B2D9E-F289-43C9-BFBC-1CEF284A417E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AEAC9BA-AF82-4345-839C-D339DCB962A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFE682F-52E3-48EC-A993-F522FC29712F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "840EE3AC-5293-4F33-9E2C-96A0A2534B02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0FC407-96DB-425E-BB57-7A5BA839C37F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3839C81-3DAB-4E1D-9D95-BEFFD491F43D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE65D0D4-CB56-4946-AB44-2EF554602A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1F13E2D-A8F7-4B74-8D03-7905C81672C9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted JPEG image with TIFF thumbnail data that is improperly handled by the exif_thumbnail function."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n exif_ifd_make_value en exif.c en la extensi\u00f3n EXIF en PHP anterior a 5.4.34, 5.5.x anterior a 5.5.18, y 5.6.x anterior a 5.6.2 opera sobre arrays de punto flotante incorrectamente, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria din\u00e1mica y ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un imagen JPEG manipulado con datos \u0027thumbnail\u0027 TIFF que son manejados indebidamente por la funci\u00f3n exif_thumbnail."
    }
  ],
  "id": "CVE-2014-3670",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-10-29T10:55:03.917",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=ddb207e7fa2e9adeba021a1303c3781efda5409b"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://linux.oracle.com/errata/ELSA-2014-1767.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://linux.oracle.com/errata/ELSA-2014-1768.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00024.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00034.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2015-01/msg00006.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://php.net/ChangeLog-5.php"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1767.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1768.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1824.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59967"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/60630"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/60699"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/61763"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/61970"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/61982"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2014/dsa-3064"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/70665"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-2391-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://bugs.php.net/bug.php?id=68113"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154502"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://support.apple.com/HT204659"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=ddb207e7fa2e9adeba021a1303c3781efda5409b"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://linux.oracle.com/errata/ELSA-2014-1767.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://linux.oracle.com/errata/ELSA-2014-1768.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00024.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00034.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2015-01/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://php.net/ChangeLog-5.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1767.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1768.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1824.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59967"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60630"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60699"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61763"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61970"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61982"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2014/dsa-3064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/70665"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-2391-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://bugs.php.net/bug.php?id=68113"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154502"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.apple.com/HT204659"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2014-3670 (GCVE-0-2014-3670)

Vulnerability from cvelistv5

Published

2014-10-29 10:00