An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Information
Published : 2019-03-08 16:29
Updated : 2022-04-05 13:40
NVD link : CVE-2019-9638
Mitre link : CVE-2019-9638
JSON object : View
CWE
CWE-125
Out-of-bounds Read
Products Affected
canonical
- ubuntu_linux
opensuse
- leap
debian
- debian_linux
php
- php
redhat
- software_collections
netapp
- storage_automation_store