Posted on

PHP up to 5.6.29/7.0.14/7.1.0 EXIF Data ext/exif/exif.c exif_convert_any_to_int Crash denial of service

A vulnerability was found in PHP up to 5.6.29/7.0.14/7.1.0 (Programming Language Software). It has been declared as problematic. Affected by this vulnerability is the function exif_convert_any_to_int of the file ext/exif/exif.c of the component EXIF Data Handler. Upgrading to version 5.6.30, 7.0.15 or 7.1.1 eliminates this vulnerability. A possible mitigation has been published before and not just after the disclosure of the vulnerability.