FreeBSD : php -- crash on crafted tag in exif (cc3bfec6-56cd-11e0-9668-001fd0d616cf)
Medium Nessus Plugin ID 52986
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionUS-CERT/NIST reports :
exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.
SolutionUpdate the affected package.