PHP 'ext/exif/exif.c' Denial of Service Vulnerability

PHP is prone to a denial-of-service vulnerability.

Attackers can exploit this issue to cause denial-of-service condition, denying service to legitimate users.

PHP versions 7.2.0 through 7.2.7 are vulnerable.


Bugtraq ID: 104551
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2018-12882

Remote: Yes
Local: No
Published: Jun 25 2018 12:00AM
Updated: Jun 25 2018 12:00AM
Credit: geeknik
Vulnerable: PHP PHP 7.2.7
PHP PHP 7.2.5
PHP PHP 7.2.4
PHP PHP 7.2.3
PHP PHP 7.2.2
PHP PHP 7.2.1

Not Vulnerable:


The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

Related Posts