CVE-2014-3670: Buffer Overflow

First published: Mon Oct 20 2014(Updated: )

A heap corruption issue was reported in PHP's exif_thumbnail() function. A specially-crafted JPEG image could cause the PHP interpreter to crash or, potentially, execute arbitrary code. This issue has been fixed in upstream versions 5.4.34, 5.5.18, and 5.6.2. References: <a href="http://git.php.net/?p=php-src.git;a=commit;h=ddb207e7fa2e9adeba021a1303c3781efda5409b">http://git.php.net/?p=php-src.git;a=commit;h=ddb207e7fa2e9adeba021a1303c3781efda5409b</a> <a href="https://bugs.php.net/bug.php?id=68113">https://bugs.php.net/bug.php?id=68113</a> <a href="http://php.net/ChangeLog-5.php">http://php.net/ChangeLog-5.php</a>

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
redhat/php	<5.4.34	5.4.34
redhat/php	<5.5.18	5.5.18
redhat/php	<5.6.2	5.6.2
PHP	<=5.4.33
PHP	=5.4.0
PHP	=5.4.1
PHP	=5.4.2
PHP	=5.4.3
PHP	=5.4.4
PHP	=5.4.5
PHP	=5.4.6
PHP	=5.4.7
PHP	=5.4.8
PHP	=5.4.9
PHP	=5.4.10
PHP	=5.4.11
PHP	=5.4.12
PHP	=5.4.12-rc1
PHP	=5.4.12-rc2
PHP	=5.4.13
PHP	=5.4.13-rc1
PHP	=5.4.14
PHP	=5.4.14-rc1
PHP	=5.4.15-rc1
PHP	=5.4.16-rc1
PHP	=5.4.17
PHP	=5.4.18
PHP	=5.4.19
PHP	=5.4.20
PHP	=5.4.21
PHP	=5.4.22
PHP	=5.4.23
PHP	=5.4.24
PHP	=5.4.25
PHP	=5.4.26
PHP	=5.4.27
PHP	=5.4.28
PHP	=5.4.29
PHP	=5.4.30
PHP	=5.4.31
PHP	=5.4.32
PHP	=5.5.0
PHP	=5.5.0-alpha1
PHP	=5.5.0-alpha2
PHP	=5.5.0-alpha3
PHP	=5.5.0-alpha4
PHP	=5.5.0-alpha5
PHP	=5.5.0-alpha6
PHP	=5.5.0-beta1
PHP	=5.5.0-beta2
PHP	=5.5.0-beta3
PHP	=5.5.0-beta4
PHP	=5.5.0-rc1
PHP	=5.5.0-rc2
PHP	=5.5.1
PHP	=5.5.2
PHP	=5.5.3
PHP	=5.5.4
PHP	=5.5.5
PHP	=5.5.6
PHP	=5.5.7
PHP	=5.5.8
PHP	=5.5.9
PHP	=5.5.10
PHP	=5.5.11
PHP	=5.5.12
PHP	=5.5.13
PHP	=5.5.14
PHP	=5.5.15
PHP	=5.5.16
PHP	=5.5.17
PHP	=5.6.0
PHP	=5.6.1

Remedy

https://bugs.php.net/bug.php?id=68113

Never miss a vulnerability like this again

Reference Links

agent/type
agent/first-publish-date
collector/mitre-cve
source/MITRE
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2014-3670
agent/software-canonical-lookup
agent/last-modified-date
agent/author
agent/weakness
agent/remedy
agent/references
agent/severity
agent/description
agent/event
agent/trending
collector/nvd-index
agent/software-canonical-lookup-request
agent/tags
agent/softwarecombine
agent/source
package-manager/redhat
vendor/php
canonical/php
version/php/5.4.33
version/php/5.4.0
version/php/5.4.1
version/php/5.4.2
version/php/5.4.3
version/php/5.4.4
version/php/5.4.5
version/php/5.4.6
version/php/5.4.7
version/php/5.4.8
version/php/5.4.9
version/php/5.4.10
version/php/5.4.11
version/php/5.4.12
version/php/5.4.12-rc1
version/php/5.4.12-rc2
version/php/5.4.13
version/php/5.4.13-rc1
version/php/5.4.14
version/php/5.4.14-rc1
version/php/5.4.15-rc1
version/php/5.4.16-rc1
version/php/5.4.17
version/php/5.4.18
version/php/5.4.19
version/php/5.4.20
version/php/5.4.21
version/php/5.4.22
version/php/5.4.23
version/php/5.4.24
version/php/5.4.25
version/php/5.4.26
version/php/5.4.27
version/php/5.4.28
version/php/5.4.29
version/php/5.4.30
version/php/5.4.31
version/php/5.4.32
version/php/5.5.0
version/php/5.5.0-alpha1
version/php/5.5.0-alpha2
version/php/5.5.0-alpha3
version/php/5.5.0-alpha4
version/php/5.5.0-alpha5
version/php/5.5.0-alpha6
version/php/5.5.0-beta1
version/php/5.5.0-beta2
version/php/5.5.0-beta3
version/php/5.5.0-beta4
version/php/5.5.0-rc1
version/php/5.5.0-rc2
version/php/5.5.1
version/php/5.5.2
version/php/5.5.3
version/php/5.5.4
version/php/5.5.5
version/php/5.5.6
version/php/5.5.7
version/php/5.5.8
version/php/5.5.9
version/php/5.5.10
version/php/5.5.11
version/php/5.5.12
version/php/5.5.13
version/php/5.5.14
version/php/5.5.15
version/php/5.5.16
version/php/5.5.17
version/php/5.6.0
version/php/5.6.1

CVE-2014-3670: Buffer Overflow

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact