Buffer Overflow Vulnerability in PHP Affecting Multiple Versions
CVE-2004-1065

Currently unrated

Key Information:

Vendor: PHP
Status: PHP; Openpkg
Vendor: CVE Published:; 10 January 2005

What is CVE-2004-1065?

A vulnerability exists in the exif_read_data function of PHP, allowing remote attackers to exploit a buffer overflow through specially crafted image files. By providing a long section name within the image metadata, attackers may execute arbitrary code on the affected system. This poses significant security risks for applications utilizing vulnerable PHP versions, emphasizing the importance of timely updates and patches.

References

http://www.redhat.com/support/errata/RHSA-2005-032.html

vendor-advisoryx_refsource_REDHAT

http://www.novell.com/linux/security/advisories/2005_02_p...

vendor-advisoryx_refsource_SUSE

http://www.php.net/release_4_3_10.php

x_refsource_CONFIRM

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 10, 2005
Vulnerability Reserved
Nov 23, 2004