Bug 132684 (CVE-2005-3353) - VUL-0: CVE-2005-3353: php EXIF DoS
Status: RESOLVED FIXED
Alias: CVE-2005-3353
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other Other
: P5 - None : Normal
Target Milestone: ---
Assignee: Michal Marek
QA Contact: Security Team bot
Whiteboard: CVE-2005-3388: CVSS v2 Base Score: 4....
Reported: 2005-11-08 08:33 UTC by Ludwig Nussel
Modified: 2019-05-01 14:42 UTC
Found By: Other

Attachments
patch from php bugzilla (644 bytes, patch)
2005-11-08 08:34 UTC, Ludwig Nussel
image that is said to cause crash (84.58 KB, image/jpeg)
2005-11-08 08:34 UTC, Ludwig Nussel
crash.php (134 bytes, text/plain)
2005-11-17 14:11 UTC, Marcus Meissner

Description Ludwig Nussel 2005-11-08 08:33:10 UTC
We received the following report via vendor-sec.
The issue is public.

Date: Mon, 07 Nov 2005 15:40:58 -0500
From: Josh Bressers <bressers@redhat.com>
To: vendor-sec@lst.de
Subject: Re: [vendor-sec] Another PHP issue for your viewing pleasure 

> An image with bad EXIF data can cause PHP to enter an infinite loop.
> 
> http://bugs.php.net/bug.php?id=34704
> 
> Use CVE-2005-3353.

Joe Orton just informed me that this is not an infinite loop issue, it's an
infinite recursion issue, so it just crashes PHP rather than looping
forever.

-- 
    JB
Comment 1 Ludwig Nussel 2005-11-08 08:34:09 UTC
Created attachment 56655
patch from php bugzilla
Comment 2 Ludwig Nussel 2005-11-08 08:34:58 UTC
Created attachment 56656
image that is said to cause crash
Comment 3 Michal Marek 2005-11-08 10:08:27 UTC
Petr is ill, I'll do it.
Comment 4 Michal Marek 2005-11-15 13:46:07 UTC
Fixed together with bug #131580
Comment 5 Heiko Rommel 2005-11-17 12:58:19 UTC
SUSE QA:

please provide php code to load the image that is said to cause a crash
Comment 6 Marcus Meissner 2005-11-17 14:11:34 UTC
Created attachment 57642
crash.php
Comment 7 Thomas Biege 2009-10-13 21:47:08 UTC
CVE-2005-3388: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)