[php-maint] Bug#336654: CVE-2005-3353 also unfixed in PHP 5.0.5

Stefan Fritsch sf at sfritsch.de
Wed Nov 23 19:14:21 UTC 2005

CVE-2005-3353 is also unfixed in PHP 5.0.5: "The exif_read_data 
function in the Exif module in PHP before 4.4.1 allows remote 
attackers to cause a denial of service (infinite loop) via a 
malformed JPEG image."

According to the bug report this will be fixed in 5.0.6

More information about the pkg-php-maint mailing list