CVEs-PoC/2016/CVE-2016-4544.md at main

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-02-13 03:02:49 +00:00

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

984 B

Raw Permalink Blame History

CVE-2016-4544

Description

The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.

POC

Reference

https://bugs.php.net/bug.php?id=72094

Github

https://github.com/heckintosh/modified_uploadscanner
https://github.com/modzero/mod0BurpUploadScanner
https://github.com/mrhacker51/FileUploadScanner
https://github.com/navervn/modified_uploadscanner
https://github.com/tagua-vm/tagua-vm

984 B Raw Permalink Blame History

CVE-2016-4544

Description

POC

Reference

Github

984 B

Raw Permalink Blame History