Wind River Support Network

HomeDefectsLIN7-6830

Fixed

LIN7-6830 : Security Advisory - php - CVE-2016-7128

Created: Sep 22, 2016 Updated: Sep 8, 2018

Resolved Date: Oct 26, 2016

Found In Version: 7.0

Fix Version: 7.0.0.22

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

The exif_process_IFD_in_TIFF function in ext/exif/exif.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles the case of a thumbnail offset that exceeds the file size, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7128

Other Downloads

Wind River Linux 7.0.0.22
Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2016-7128