ID

VAR-200504-0063


CVE

CVE-2005-1043


TITLE

PHP of exif.c Specific in EXIF Service disruption due to header (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2005-000256

DESCRIPTION

exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ PHP 4 Later, at compile time --enable-exif By compiling with EXIF ( Image file standards for digital cameras ) Enable support for. This generated by the digital camera JPEG/TIFF In the image EXIF Included in header IFD (Image File Directory) tag ( Information such as image size and type, compression method, color information, copyright ) You can get PHP 4.3.10 Before, 5.0.3 Included before EXIF module (exif.c) Contained within a specific image file IFD The following security issues exist due to inadequate handling of tags. still, PHP Group More distributed PHP By default, EXIF Support will not be activated, Red Hat Enterprise Linux Some as Linux Included with the distribution PHP In the package EXIF Support is enabled. PHP 4.3.11/5.0.4 In addition to the above issues, there are multiple security issues (CAN-2005-0524 And CAN-2005-0525 Such ) , And bugs have been fixed, PHP 4.3.11/5.0.4 Can be updated to PHP Group It is strongly recommended.Please refer to the “Overview” for the impact of this vulnerability. PHP is prone to a denial of service vulnerability. This issue could manifest itself in Web applications that allow users to upload images. PHP is a server-side scripting language designed to be embedded in HTML files and can run on Windows, Linux and many Unix operating systems

Trust: 1.98

sources: NVD: CVE-2005-1043 // JVNDB: JVNDB-2005-000256 // BID: 13164 // VULHUB: VHN-12252

AFFECTED PRODUCTS

vendor:susemodel:linuxscope:eqversion:7.3

Trust: 1.9

vendor:susemodel:linuxscope:eqversion:7.2

Trust: 1.9

vendor:susemodel:linuxscope:eqversion:7.1

Trust: 1.9

vendor:susemodel:linuxscope:eqversion:7.0

Trust: 1.9

vendor:susemodel:linuxscope:eqversion:8.1

Trust: 1.3

vendor:susemodel:linuxscope:eqversion:8.0

Trust: 1.3

vendor:susemodel:linuxscope:eqversion:6.4

Trust: 1.3

vendor:susemodel:linuxscope:eqversion:6.3

Trust: 1.3

vendor:susemodel:linuxscope:eqversion:6.2

Trust: 1.3

vendor:susemodel:linuxscope:eqversion:6.1

Trust: 1.3

vendor:susemodel:linuxscope:eqversion:6.0

Trust: 1.3

vendor:susemodel:linuxscope:eqversion:5.3

Trust: 1.3

vendor:susemodel:linuxscope:eqversion:5.2

Trust: 1.3

vendor:susemodel:linuxscope:eqversion:5.1

Trust: 1.3

vendor:susemodel:linuxscope:eqversion:5.0

Trust: 1.3

vendor:susemodel:linuxscope:eqversion:4.4.1

Trust: 1.3

vendor:susemodel:linuxscope:eqversion:4.4

Trust: 1.3

vendor:susemodel:linuxscope:eqversion:4.3

Trust: 1.3

vendor:susemodel:linuxscope:eqversion:4.2

Trust: 1.3

vendor:susemodel:linuxscope:eqversion:4.0

Trust: 1.3

vendor:susemodel:linuxscope:eqversion:3.0

Trust: 1.3

vendor:susemodel:linuxscope:eqversion:2.0

Trust: 1.3

vendor:susemodel:linuxscope:eqversion:1.0

Trust: 1.3

vendor:sgimodel:propackscope:eqversion:3.0

Trust: 1.3

vendor:phpmodel:phpscope:eqversion:4.3.10

Trust: 1.3

vendor:phpmodel:phpscope:eqversion:4.3.9

Trust: 1.3

vendor:phpmodel:phpscope:eqversion:4.3.8

Trust: 1.3

vendor:phpmodel:phpscope:eqversion:4.3.7

Trust: 1.3

vendor:phpmodel:phpscope:eqversion:4.3.6

Trust: 1.3

vendor:phpmodel:phpscope:eqversion:4.3.5

Trust: 1.3

vendor:phpmodel:phpscope:eqversion:4.3.4

Trust: 1.3

vendor:phpmodel:phpscope:eqversion:4.3.3

Trust: 1.3

vendor:phpmodel:phpscope:eqversion:4.3.2

Trust: 1.3

vendor:phpmodel:phpscope:eqversion:4.3.1

Trust: 1.3

vendor:susemodel:linuxscope:eqversion:9.2

Trust: 1.0

vendor:peachtreemodel:linuxscope:eqversion:release_1

Trust: 1.0

vendor:conectivamodel:linuxscope:eqversion:10.0

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4.1

Trust: 1.0

vendor:susemodel:linuxscope:eqversion:9.1

Trust: 1.0

vendor:phpmodel:phpscope:eqversion:4.3.0

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4.1

Trust: 1.0

vendor:susemodel:linuxscope:eqversion:9.3

Trust: 1.0

vendor:susemodel:linuxscope:eqversion:8.2

Trust: 1.0

vendor:conectivamodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.9

Trust: 1.0

vendor:susemodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.3.9

Trust: 1.0

vendor:the php groupmodel:phpscope:lteversion:4.3.10

Trust: 0.8

vendor:the php groupmodel:phpscope:lteversion:5.0.3

Trust: 0.8

vendor:turbo linuxmodel:turbolinux serverscope:eqversion:10

Trust: 0.8

vendor:turbo linuxmodel:turbolinux serverscope:eqversion:7

Trust: 0.8

vendor:turbo linuxmodel:turbolinux serverscope:eqversion:8

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:3 (as)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:3 (es)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:3 (ws)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:4 (as)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:4 (es)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:4 (ws)

Trust: 0.8

vendor:susemodel:linux i386scope:eqversion:8.0

Trust: 0.3

vendor:susemodel:linux sparcscope:eqversion:7.3

Trust: 0.3

vendor:susemodel:linux ppcscope:eqversion:7.3

Trust: 0.3

vendor:susemodel:linux i386scope:eqversion:7.3

Trust: 0.3

vendor:susemodel:linux i386scope:eqversion:7.2

Trust: 0.3

vendor:susemodel:linuxscope:eqversion:7.1x86

Trust: 0.3

vendor:susemodel:linux sparcscope:eqversion:7.1

Trust: 0.3

vendor:susemodel:linux ppcscope:eqversion:7.1

Trust: 0.3

vendor:susemodel:linux alphascope:eqversion:7.1

Trust: 0.3

vendor:susemodel:linux sparcscope:eqversion:7.0

Trust: 0.3

vendor:susemodel:linux ppcscope:eqversion:7.0

Trust: 0.3

vendor:susemodel:linux i386scope:eqversion:7.0

Trust: 0.3

vendor:susemodel:linux alphascope:eqversion:7.0

Trust: 0.3

vendor:susemodel:linux ppcscope:eqversion:6.4

Trust: 0.3

vendor:susemodel:linux i386scope:eqversion:6.4

Trust: 0.3

vendor:susemodel:linux alphascope:eqversion:6.4

Trust: 0.3

vendor:susemodel:linux ppcscope:eqversion:6.3

Trust: 0.3

vendor:susemodel:linux alphascope:eqversion:6.3

Trust: 0.3

vendor:susemodel:linux alphascope:eqversion:6.1

Trust: 0.3

vendor:s u s emodel:linux personalscope:eqversion:9.3

Trust: 0.3

vendor:s u s emodel:linux personal x86 64scope:eqversion:9.2

Trust: 0.3

vendor:s u s emodel:linux personalscope:eqversion:9.2

Trust: 0.3

vendor:s u s emodel:linux personal x86 64scope:eqversion:9.1

Trust: 0.3

vendor:s u s emodel:linux personalscope:eqversion:9.1

Trust: 0.3

vendor:s u s emodel:linux personal x86 64scope:eqversion:9.0

Trust: 0.3

vendor:s u s emodel:linux personalscope:eqversion:9.0

Trust: 0.3

vendor:s u s emodel:linux personalscope:eqversion:8.2

Trust: 0.3

vendor:redhatmodel:linux i386scope:eqversion:9.0

Trust: 0.3

vendor:redhatmodel:linux i686scope:eqversion:7.3

Trust: 0.3

vendor:redhatmodel:linux i386scope:eqversion:7.3

Trust: 0.3

vendor:redhatmodel:linuxscope:eqversion:7.3

Trust: 0.3

vendor:redhatmodel:fedora core2scope: - version: -

Trust: 0.3

vendor:redhatmodel:fedora core1scope: - version: -

Trust: 0.3

vendor:phpmodel:phpscope:eqversion:4.3

Trust: 0.3

vendor:peachtreemodel:linux releasescope:eqversion:1

Trust: 0.3

vendor:avayamodel:s8710 r2.0.1scope: - version: -

Trust: 0.3

vendor:avayamodel:s8710 r2.0.0scope: - version: -

Trust: 0.3

vendor:avayamodel:s8700 r2.0.1scope: - version: -

Trust: 0.3

vendor:avayamodel:s8700 r2.0.0scope: - version: -

Trust: 0.3

vendor:avayamodel:s8500 r2.0.1scope: - version: -

Trust: 0.3

vendor:avayamodel:s8500 r2.0.0scope: - version: -

Trust: 0.3

vendor:avayamodel:s8300 r2.0.1scope: - version: -

Trust: 0.3

vendor:avayamodel:s8300 r2.0.0scope: - version: -

Trust: 0.3

vendor:avayamodel:modular messagingscope:eqversion:2.0

Trust: 0.3

vendor:avayamodel:modular messagingscope:eqversion:1.1

Trust: 0.3

vendor:avayamodel:mn100scope: - version: -

Trust: 0.3

vendor:avayamodel:intuity lxscope: - version: -

Trust: 0.3

vendor:avayamodel:converged communications serverscope:eqversion:2.0

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.9

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.9

Trust: 0.3

vendor:phpmodel:phpscope:neversion:4.3.11

Trust: 0.3

sources: BID: 13164 // JVNDB: JVNDB-2005-000256 // CNNVD: CNNVD-200504-048 // NVD: CVE-2005-1043

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2005-1043
value: MEDIUM

Trust: 1.0

NVD: CVE-2005-1043
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200504-048
value: MEDIUM

Trust: 0.6

VULHUB: VHN-12252
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2005-1043
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-12252
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-12252 // JVNDB: JVNDB-2005-000256 // CNNVD: CNNVD-200504-048 // NVD: CVE-2005-1043

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-1043

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200504-048

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200504-048

CONFIGURATIONS

sources: JVNDB: JVNDB-2005-000256

PATCH

title:ChangeLog-4url:http://jp2.php.net/ChangeLog-4.php

Trust: 0.8

title:ChangeLog-5url:http://jp2.php.net/ChangeLog-5.php

Trust: 0.8

title:release notes 4.3.11url:http://jp2.php.net/release_4_3_11.php

Trust: 0.8

title:#28451url:http://bugs.php.net/bug.php?id=28451

Trust: 0.8

title:#31797url:http://bugs.php.net/bug.php?id=31797

Trust: 0.8

title:154021url:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154021

Trust: 0.8

title:154025url:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154025

Trust: 0.8

title:RHSA-2005:406url:https://rhn.redhat.com/errata/RHSA-2005-406.html

Trust: 0.8

title:RHSA-2005:405url:https://rhn.redhat.com/errata/RHSA-2005-405.html

Trust: 0.8

title:TLSA-2005-50url:http://www.turbolinux.com/security/2005/TLSA-2005-50.txt

Trust: 0.8

title:RHSA-2005:405url:http://www.jp.redhat.com/support/errata/RHSA/RHSA-2005-405J.html

Trust: 0.8

title:RHSA-2005:406url:http://www.jp.redhat.com/support/errata/RHSA/RHSA-2005-406J.html

Trust: 0.8

title:TLSA-2005-50url:http://www.turbolinux.co.jp/security/2005/TLSA-2005-50j.txt

Trust: 0.8

sources: JVNDB: JVNDB-2005-000256

EXTERNAL IDS

db:NVDid:CVE-2005-1043

Trust: 2.8

db:BIDid:13164

Trust: 1.2

db:BIDid:13163

Trust: 0.8

db:JVNDBid:JVNDB-2005-000256

Trust: 0.8

db:CNNVDid:CNNVD-200504-048

Trust: 0.7

db:REDHATid:RHSA-2005:406

Trust: 0.6

db:GENTOOid:GLSA-200504-15

Trust: 0.6

db:UBUNTUid:USN-112-1

Trust: 0.6

db:MANDRAKEid:MDKSA-2005:072

Trust: 0.6

db:APPLEid:APPLE-SA-2005-06-08

Trust: 0.6

db:VULHUBid:VHN-12252

Trust: 0.1

sources: VULHUB: VHN-12252 // BID: 13164 // JVNDB: JVNDB-2005-000256 // CNNVD: CNNVD-200504-048 // NVD: CVE-2005-1043

REFERENCES

url:http://lists.apple.com/archives/security-announce/2005/jun/msg00000.html

Trust: 1.7

url:http://www.gentoo.org/security/en/glsa/glsa-200504-15.xml

Trust: 1.7

url:http://www.mandriva.com/security/advisories?name=mdksa-2005:072

Trust: 1.7

url:http://www.redhat.com/support/errata/rhsa-2005-406.html

Trust: 1.7

url:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154025

Trust: 1.7

url:http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.29&r2=1.118.2.30&ty=u

Trust: 1.6

url:https://usn.ubuntu.com/112-1/

Trust: 1.1

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10307

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-1043

Trust: 0.8

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-1043

Trust: 0.8

url:http://www.securityfocus.com/bid/13164

Trust: 0.8

url:http://www.securityfocus.com/bid/13163

Trust: 0.8

url:http://www.ubuntulinux.org/support/documentation/usn/usn-112-1

Trust: 0.6

url:http://support.avaya.com/elmodocs2/security/asa-2005-136_rhsa-2005-405_rhsa-2005-406.pdf

Trust: 0.3

url:http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000955

Trust: 0.3

url:http://www.php.net/changelog-4.php#4.3.11

Trust: 0.3

url:http://www.php.net/

Trust: 0.3

url:http://rhn.redhat.com/errata/rhsa-2005-405.html

Trust: 0.3

url:/archive/1/396618

Trust: 0.3

url:http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.29&r2=1.118.2.30&ty=u

Trust: 0.1

sources: VULHUB: VHN-12252 // BID: 13164 // JVNDB: JVNDB-2005-000256 // CNNVD: CNNVD-200504-048 // NVD: CVE-2005-1043

CREDITS

Martin Pitt martin.pitt@canonical.com

Trust: 0.6

sources: CNNVD: CNNVD-200504-048

SOURCES

db:VULHUBid:VHN-12252
db:BIDid:13164
db:JVNDBid:JVNDB-2005-000256
db:CNNVDid:CNNVD-200504-048
db:NVDid:CVE-2005-1043

LAST UPDATE DATE

2024-08-14T12:11:48.857000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-12252date:2018-10-30T00:00:00
db:BIDid:13164date:2009-07-12T12:56:00
db:JVNDBid:JVNDB-2005-000256date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200504-048date:2005-10-20T00:00:00
db:NVDid:CVE-2005-1043date:2018-10-30T16:25:35.387

SOURCES RELEASE DATE

db:VULHUBid:VHN-12252date:2005-04-14T00:00:00
db:BIDid:13164date:2005-04-12T00:00:00
db:JVNDBid:JVNDB-2005-000256date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200504-048date:2005-04-14T00:00:00
db:NVDid:CVE-2005-1043date:2005-04-14T04:00:00