PhotoPost Community

PhotoPost Community (http://www.photopost.com/forum/)
-   General Discussion (http://www.photopost.com/forum/general-discussion/)
-   -   Security Announcement: PhotoPost Immune from EXIF PHP Security Flaw (http://www.photopost.com/forum/general-discussion/111091-security-announcement-photopost-immune-exif-php-security-flaw.html)

Michael P December 22nd, 2004 08:10 AM
Security Announcement: PhotoPost Immune from EXIF PHP Security Flaw
 
There is serious security exploit floating about the Internet concerning the parsing of image EXIF data by PHP driven webapps. The result can be a stack overflow, thus allowing abitrary code execution on some operating systems.

Look for CAN-2004-1065 at this link for more info:

https://bugzilla.redhat.com/bugzilla....cgi?id=141132

However, PhotoPost users are immune from this security flaw because we do not use PHP's exif extractor to obtain EXIF information from an image (its been unreliable for a long time).


All times are GMT -5. The time now is 11:20 AM.

Powered by vBulletin® Version 3.8.1
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.2.0


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97