When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: php

Published: 2019-04-18T16:57:00.996700Z

Updated: 2024-09-17T03:43:08.668Z

Reserved: 2019-04-09T00:00:00

Link: CVE-2019-11035

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2019-04-18T17:29:00.947

Modified: 2020-10-02T13:13:39.757

Link: CVE-2019-11035

cve-icon Redhat

Severity : Low

Publid Date: 2019-04-02T00:00:00Z

Links: CVE-2019-11035 - Bugzilla