Signature Detail
Short Name |
HTTP:PHP:EXIF-HEADER |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
PHP Exif Header Parsing Integer Overflow |
Release Date |
2012/01/25 |
Update Number |
2070 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: PHP Exif Header Parsing Integer Overflow
This signature detects attempts to exploit a known integer overflow vulnerability against PHP. A successful attack can result in information disclosure or a denial-of-service condition.
Extended Description
PHP is prone to an integer-overflow vulnerability because it fails to ensure that integer values are not overrun. Successful exploits of this vulnerability allow remote attackers to execute arbitrary code in the context of a webserver affected by the issue. Failed attempts will likely result in denial-of-service conditions. PHP 5.4.0beta2 is vulnerable; other versions may also be affected.
Affected Products
- Apple Mac Os X 10.7
- Apple Mac Os X 10.7.1
- Apple Mac Os X 10.7.2
- Apple Mac Os X 10.7.3
- Apple Mac Os X Server 10.7
- Apple Mac Os X Server 10.7.1
- Apple Mac Os X Server 10.7.2
- Apple Mac Os X Server 10.7.3
- Avaya Aura Application Enablement Services 5.2
- Avaya Aura Application Enablement Services 5.2.1
- Avaya Aura Application Enablement Services 5.2.2
- Avaya Aura Application Enablement Services 5.2.3
- Avaya Aura Application Enablement Services 6.1
- Avaya Aura Application Enablement Services 6.1.1
- Avaya Aura Communication Manager 4.0
- Avaya Aura Communication Manager 4.0
- Avaya Aura Communication Manager 5.1
- Avaya Aura Communication Manager 5.2
- Avaya Aura Communication Manager 5.2.1
- Avaya Aura Communication Manager 6.0
- Avaya Aura Communication Manager 6.0.1
- Avaya Aura Communication Manager Utility Services 6.0
- Avaya Aura Communication Manager Utility Services 6.1
- Avaya Aura Communication Manager Utility Services 6.2
- Avaya Aura Experience Portal 6.0
- Avaya Aura Messaging 6.0
- Avaya Aura Messaging 6.0.1
- Avaya Aura Session Manager 1.1
- Avaya Aura Session Manager 5.2
- Avaya Aura SIP Enablement Services 4.0
- Avaya Aura SIP Enablement Services 5.0
- Avaya Aura SIP Enablement Services 5.1
- Avaya Aura SIP Enablement Services 5.2
- Avaya Aura SIP Enablement Services 5.2.1
- Avaya IP Office Application Server 6.0
- Avaya IP Office Application Server 6.1
- Avaya IP Office Application Server 7.0
- Avaya IP Office Application Server 8.0
- Avaya Voice Portal 5.0
- Avaya Voice Portal 5.0 SP1
- Avaya Voice Portal 5.0 SP2
- Avaya Voice Portal 5.1
- Avaya Voice Portal 5.1.1
- Avaya Voice Portal 5.1.2
- Avaya Voice Portal 5.1 SP1
- Debian Linux 6.0 amd64
- Debian Linux 6.0 arm
- Debian Linux 6.0 ia-32
- Debian Linux 6.0 ia-64
- Debian Linux 6.0 mips
- Debian Linux 6.0 powerpc
- Debian Linux 6.0 s/390
- Debian Linux 6.0 sparc
- Mandriva Enterprise Server 5
- Mandriva Enterprise Server 5 X86 64
- Mandriva Linux Mandrake 2010.1
- Mandriva Linux Mandrake 2010.1 X86 64
- Mandriva Linux Mandrake 2011
- Mandriva Linux Mandrake 2011 x86_64
- Oracle Enterprise Linux 4
- Oracle Enterprise Linux 5
- Oracle Enterprise Linux 6
- Oracle Enterprise Linux 6.2
- PHP 5.0.0 .0
- PHP 5.0.0 Beta1
- PHP 5.0.0 Beta2
- PHP 5.0.0 Beta3
- PHP 5.0.0 Beta4
- PHP 5.0.0 Candidate 1
- PHP 5.0.0 Candidate 2
- PHP 5.0.0 Candidate 3
- PHP 5.0.1
- PHP 5.0.2
- PHP 5.0.3
- PHP 5.0.4
- PHP 5.0.5
- PHP 5.1.0
- PHP 5.1.0
- PHP 5.1.1
- PHP 5.1.2
- PHP 5.1.3
- PHP 5.1.3-RC1
- PHP 5.1.4
- PHP 5.1.5
- PHP 5.1.6
- PHP 5.2
- PHP 5.2.1
- PHP 5.2.10
- PHP 5.2.11
- PHP 5.2.12
- PHP 5.2.13
- PHP 5.2.14
- PHP 5.2.15
- PHP 5.2.17
- PHP 5.2.2
- PHP 5.2.3
- PHP 5.2.4
- PHP 5.2.5
- PHP 5.2.6
- PHP 5.2.7
- PHP 5.2.8
- PHP 5.2.9
- PHP 5.2.9-2
- PHP 5.3.0
- PHP 5.3.1
- PHP 5.3.2
- PHP 5.3.3
- PHP 5.3.4
- PHP 5.3.4 RC1
- PHP 5.3.5
- PHP 5.3.5
- PHP 5.3.6
- PHP 5.3.6
- PHP 5.3.7
- PHP 5.3.8
- PHP 5.4.0beta2
- Red Hat Enterprise Linux 5 Server
- Red Hat Enterprise Linux Desktop Version 4
- Red Hat Enterprise Linux AS 4
- Red Hat Enterprise Linux Desktop Optional 6
- Red Hat Enterprise Linux Desktop Workstation 5 Client
- Red Hat Enterprise Linux ES 4
- Red Hat Enterprise Linux HPC Node 6
- Red Hat Enterprise Linux HPC Node Optional 6
- Red Hat Enterprise Linux Server 6
- Red Hat Enterprise Linux Server Optional 6
- Red Hat Enterprise Linux Workstation 6
- Red Hat Enterprise Linux Workstation Optional 6
- Red Hat Enterprise Linux WS 4
- SuSE SUSE Linux Enterprise SDK 11 SP1
- SuSE SUSE Linux Enterprise SDK 11 SP2
- SuSE SUSE Linux Enterprise Server 11 SP1
- SuSE SUSE Linux Enterprise Server 11 SP2
- SuSE SUSE Linux Enterprise Server for VMware 11 SP1
- Turbolinux 11 Server x64
- Turbolinux 11 Server
- Turbolinux Appliance Server 3.0
- Turbolinux Appliance Server 3.0 X64
- Turbolinux Client 2008
- Ubuntu Ubuntu Linux 10.04 Amd64
- Ubuntu Ubuntu Linux 10.04 ARM
- Ubuntu Ubuntu Linux 10.04 I386
- Ubuntu Ubuntu Linux 10.04 Powerpc
- Ubuntu Ubuntu Linux 10.04 Sparc
- Ubuntu Ubuntu Linux 10.10 amd64
- Ubuntu Ubuntu Linux 10.10 ARM
- Ubuntu Ubuntu Linux 10.10 i386
- Ubuntu Ubuntu Linux 10.10 powerpc
- Ubuntu Ubuntu Linux 11.04 amd64
- Ubuntu Ubuntu Linux 11.04 ARM
- Ubuntu Ubuntu Linux 11.04 i386
- Ubuntu Ubuntu Linux 11.04 powerpc
- Ubuntu Ubuntu Linux 11.10 amd64
- Ubuntu Ubuntu Linux 11.10 i386
- Ubuntu Ubuntu Linux 8.04 LTS Amd64
- Ubuntu Ubuntu Linux 8.04 LTS I386
- Ubuntu Ubuntu Linux 8.04 LTS Lpia
- Ubuntu Ubuntu Linux 8.04 LTS Powerpc
- Ubuntu Ubuntu Linux 8.04 LTS Sparc
References
- BugTraq: 50907
- CVE: CVE-2011-4566
- URL: https://bugs.php.net/bug.php?id=60150