When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: php
Published: 2019-12-23T02:40:17.978353Z
Updated: 2024-09-17T04:24:19.473Z
Reserved: 2019-04-09T00:00:00
Link: CVE-2019-11047
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-12-23T03:15:11.787
Modified: 2024-11-21T04:20:26.717
Link: CVE-2019-11047
Redhat