Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2014-3670

The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted JPEG image with TIFF thumbnail data that is improperly handled by the exif_thumbnail function.

Related bugs and status

CVE-2014-3670 (Candidate) is related to these bugs:

Bug #1411811: Please update php, mysql on ubuntu 15.04

Summary				In	Importance	Status
	1411811	Please update php, mysql on ubuntu 15.04		php5 (Ubuntu)	Undecided	Fix Released
	1411811	Please update php, mysql on ubuntu 15.04		mysql-5.6 (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://git.php.net/?p=...
CONFIRM: http://php.net/ChangeL...
CONFIRM: https://bugs.php.net/b...
CONFIRM: https://bugzilla.redha...
CONFIRM: http://linux.oracle.co...
CONFIRM: http://linux.oracle.co...
DEBIAN: DSA-3064
REDHAT: RHSA-2014:1767
REDHAT: RHSA-2014:1768
SUSE: openSUSE-SU-2014:1377
UBUNTU: USN-2391-1
SECUNIA: 59967
SECUNIA: 60630
SECUNIA: 60699
SECUNIA: 61763
SECUNIA: 61970
SECUNIA: 61982
REDHAT: RHSA-2014:1765
REDHAT: RHSA-2014:1766
SUSE: openSUSE-SU-2014:1391
REDHAT: RHSA-2014:1824
CONFIRM: https://support.apple....
APPLE: APPLE-SA-2015-04-08-2
SUSE: openSUSE-SU-2015:0014
BID: 70665
CONFIRM: http://www.oracle.com/...