Lucene search

K

MitreCVELIST:CVE-2005-0525

HistoryApr 03, 2005 - 5:00 a.m.

CVE-2005-0525

2005-04-0305:00:00

mitre

www.cve.org

1

6.2 Medium

AI Score

Confidence

Low

0.076 Low

EPSS

Percentile

94.2%

The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a JPEG image with an invalid marker value, which causes a negative length value to be passed to php_stream_seek.

References

lists.apple.com/archives/security-announce/2005/Jun/msg00000.html

secunia.com/advisories/14792

securitytracker.com/id?1013619

www.debian.org/security/2005/dsa-708

www.debian.org/security/2005/dsa-729

www.gentoo.org/security/en/glsa/glsa-200504-15.xml

www.mandriva.com/security/advisories?name=MDKSA-2005:072

www.osvdb.org/15184

www.redhat.com/support/errata/RHSA-2005-405.html

www.redhat.com/support/errata/RHSA-2005-406.html

www.securityfocus.com/archive/1/394797

www.vupen.com/english/advisories/2005/0305

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11703

6.2 Medium

AI Score

Confidence

Low

0.076 Low

EPSS

Percentile

94.2%

Related for CVELIST:CVE-2005-0525

cve1 openvas15 ubuntucve1 debian4 osv1 nessus12 nvd1 securityvulns1 ubuntu1 suse1 gentoo1 redhat2 centos2