Bug 132684 (CVE-2005-3353)

Summary: VUL-0: CVE-2005-3353: php EXIF DoS
Product: [Novell Products] SUSE Security Incidents
Reporter: Ludwig Nussel <lnussel>
Component: Incidents
Assignee: Michal Marek <mmarek>
Status: RESOLVED FIXED
QA Contact: Security Team bot <security-team>
Severity: Normal
Priority: P5 - None
CC: nadvornik, security-team
Version: unspecified
Target Milestone: ---
Hardware: Other
OS: Other
Whiteboard: CVE-2005-3388: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N) CVSSv2:NVD:CVE-2005-3054:2.1:(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---
Attachments:
    patch from php bugzilla
    image that is said to cause crash
    crash.php

Description Ludwig Nussel 2005-11-08 08:33:10 UTC
We received the following report via vendor-sec.
The issue is public.

Date: Mon, 07 Nov 2005 15:40:58 -0500
From: Josh Bressers <bressers@redhat.com>
To: vendor-sec@lst.de
Subject: Re: [vendor-sec] Another PHP issue for your viewing pleasure 

> An image with bad EXIF data can cause PHP to enter an infinite loop.
> 
> http://bugs.php.net/bug.php?id=34704
> 
> Use CVE-2005-3353.

Joe Orton just informed me that this is not an infinite loop issue; it's an
infinite recursion issue, so it just crashes PHP rather than looping
forever.

-- 
    JB
Comment 1 Ludwig Nussel 2005-11-08 08:34:09 UTC
Created attachment 56655 [details]
patch from php bugzilla
Comment 2 Ludwig Nussel 2005-11-08 08:34:58 UTC
Created attachment 56656 [details]
image that is said to cause crash
Comment 3 Michal Marek 2005-11-08 10:08:27 UTC
Petr is ill; I'll do it.
Comment 4 Michal Marek 2005-11-15 13:46:07 UTC
Fixed together with bug #131580
Comment 5 Heiko Rommel 2005-11-17 12:58:19 UTC
SUSE QA:

Please provide PHP code to load the image that is said to cause a crash.
Comment 6 Marcus Meissner 2005-11-17 14:11:34 UTC
Created attachment 57642 [details]
crash.php
Comment 7 Thomas Biege 2009-10-13 21:47:08 UTC
CVE-2005-3388: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)