CVE-2005-1043

Current Description

exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.

Basic Data

PublishedApril 14, 2005
Last ModifiedOctober 30, 2018
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactNONE
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score5.0
SeverityMEDIUM
Exploitability Score10.0
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationPhpPhp4.3.0*******
    2.3ApplicationPhpPhp4.3.1*******
    2.3ApplicationPhpPhp4.3.2*******
    2.3ApplicationPhpPhp4.3.3*******
    2.3ApplicationPhpPhp4.3.4*******
    2.3ApplicationPhpPhp4.3.5*******
    2.3ApplicationPhpPhp4.3.6*******
    2.3ApplicationPhpPhp4.3.7*******
    2.3ApplicationPhpPhp4.3.8*******
    2.3ApplicationPhpPhp4.3.9*******
    2.3ApplicationPhpPhp4.3.10*******
    2.3ApplicationSgiPropack3.0*******
    2.3OSConectivaLinux9.0*******
    2.3OSConectivaLinux10.0*******
  • OR - Configuration 2
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSAppleMac Os X10.3.9*******
    2.3OSAppleMac Os X10.4*******
    2.3OSAppleMac Os X10.4.1*******
    2.3OSAppleMac Os X Server10.3.9*******
    2.3OSAppleMac Os X Server10.4*******
    2.3OSAppleMac Os X Server10.4.1*******
    2.3OSPeachtreePeachtree Linuxrelease_1*******
    2.3OSSuseSuse Linux1.0*******
    2.3OSSuseSuse Linux2.0*******
    2.3OSSuseSuse Linux3.0*******
    2.3OSSuseSuse Linux4.0*******
    2.3OSSuseSuse Linux4.2*******
    2.3OSSuseSuse Linux4.3*******
    2.3OSSuseSuse Linux4.4*******
    2.3OSSuseSuse Linux4.4.1*******
    2.3OSSuseSuse Linux5.0*******
    2.3OSSuseSuse Linux5.1*******
    2.3OSSuseSuse Linux5.2*******
    2.3OSSuseSuse Linux5.3*******
    2.3OSSuseSuse Linux6.0*******
    2.3OSSuseSuse Linux6.1*******
    2.3OSSuseSuse Linux6.1alpha******
    2.3OSSuseSuse Linux6.2*******
    2.3OSSuseSuse Linux6.3*******
    2.3OSSuseSuse Linux6.3*ppc*****
    2.3OSSuseSuse Linux6.3alpha******
    2.3OSSuseSuse Linux6.4*******
    2.3OSSuseSuse Linux6.4*i386*****
    2.3OSSuseSuse Linux6.4*ppc*****
    2.3OSSuseSuse Linux6.4alpha******
    2.3OSSuseSuse Linux7.0*******
    2.3OSSuseSuse Linux7.0*i386*****
    2.3OSSuseSuse Linux7.0*ppc*****
    2.3OSSuseSuse Linux7.0*sparc*****
    2.3OSSuseSuse Linux7.0alpha******
    2.3OSSuseSuse Linux7.1*******
    2.3OSSuseSuse Linux7.1*spa*****
    2.3OSSuseSuse Linux7.1*sparc*****
    2.3OSSuseSuse Linux7.1*x86*****
    2.3OSSuseSuse Linux7.1alpha******
    2.3OSSuseSuse Linux7.2*******
    2.3OSSuseSuse Linux7.2*i386*****
    2.3OSSuseSuse Linux7.3*******
    2.3OSSuseSuse Linux7.3*i386*****
    2.3OSSuseSuse Linux7.3*ppc*****
    2.3OSSuseSuse Linux7.3*sparc*****
    2.3OSSuseSuse Linux8.0*******
    2.3OSSuseSuse Linux8.0*i386*****
    2.3OSSuseSuse Linux8.1*******
    2.3OSSuseSuse Linux8.2*******
    2.3OSSuseSuse Linux9.0*******
    2.3OSSuseSuse Linux9.0*x86_64*****
    2.3OSSuseSuse Linux9.1*******
    2.3OSSuseSuse Linux9.1*x86_64*****
    2.3OSSuseSuse Linux9.2*******
    2.3OSSuseSuse Linux9.2*x86_64*****
    2.3OSSuseSuse Linux9.3*******

Vulnerable Software List

VendorProductVersions
Apple Mac Os X Server 10.3.9, 10.4, 10.4.1
Apple Mac Os X 10.3.9, 10.4, 10.4.1
Peachtree Peachtree Linux release_1
Conectiva Linux 10.0, 9.0
Sgi Propack 3.0
Php Php 4.3.0, 4.3.1, 4.3.10, 4.3.2, 4.3.3, 4.3.4, 4.3.5, 4.3.6, 4.3.7, 4.3.8, 4.3.9
Suse Suse Linux 1.0, 2.0, 3.0, 4.0, 4.2, 4.3, 4.4, 4.4.1, 5.0, 5.1, 5.2, 5.3, 6.0, 6.1, 6.2, 6.3, 6.4, 7.0, 7.1, 7.2, 7.3, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 9.3

References

NameSourceURLTags
http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.29&r2=1.118.2.30&ty=uhttp://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.29&r2=1.118.2.30&ty=uCONFIRMVendor Advisory
APPLE-SA-2005-06-08http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.htmlAPPLE
GLSA-200504-15http://www.gentoo.org/security/en/glsa/glsa-200504-15.xmlGENTOOPATCH Vendor Advisory
MDKSA-2005:072http://www.mandriva.com/security/advisories?name=MDKSA-2005:072MANDRAKE
RHSA-2005:406http://www.redhat.com/support/errata/RHSA-2005-406.htmlREDHATPATCH Vendor Advisory
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154025https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154025CONFIRMVendor Advisory
oval:org.mitre.oval:def:10307https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10307OVAL
USN-112-1https://usn.ubuntu.com/112-1/UBUNTU