Unrated severityNVD Advisory· Published May 2, 2005· Updated Jun 16, 2026
CVE-2005-1042
CVE-2005-1042
Description
Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP before 4.3.11 may allow remote attackers to execute arbitrary code via an IFD tag that leads to a negative byte count.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
12cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*
- (no CPE)range: <4.3.11
Patches
Vulnerability mechanics
References
9- cvs.php.net/diff.php/php-src/ext/exif/exif.cnvdPatch
- www.gentoo.org/security/en/glsa/glsa-200504-15.xmlnvdPatch
- lists.apple.com/archives/security-announce/2005/Jun/msg00000.htmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.redhat.com/support/errata/RHSA-2005-405.htmlnvd
- www.redhat.com/support/errata/RHSA-2005-406.htmlnvd
- bugzilla.redhat.com/bugzilla/show_bug.cginvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10822nvd
- usn.ubuntu.com/112-1/nvd
News mentions
0No linked articles in our index yet.