When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: php
Published: 2019-08-09T19:26:34.193473Z
Updated: 2024-09-17T02:15:56.650Z
Reserved: 2019-04-09T00:00:00
Link: CVE-2019-11042
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-08-09T20:15:11.143
Modified: 2024-11-21T04:20:25.890
Link: CVE-2019-11042
Redhat