PHP has detected security vulnerabilities. read this article to learn about the security vulnerabilities discovered by PHP. according to the PHP organization, servers running PHP are vulnerable to a variety of malicious program attacks, including allowing attackers to execute malicious code and DoS attacks. The PHP organization released an upgraded version to fix these vulnerabilities, which can be downloaded from the PHP website or directly obtained from various operating system vendors. PHP organizations strongly recommend that you upgrade "> <LINKhref =" http: // www. according to PHP, servers running PHP are vulnerable to a variety of malicious program attacks, including allowing attackers to execute malicious code and DoS attacks.
The PHP organization released an upgraded version to fix these vulnerabilities, which can be downloaded from the PHP website or directly obtained from various operating system vendors. PHP organizations strongly recommend that users upgrade to the new version.
PHP is an open-source programming language mainly used for server applications. it runs on Linux, Unix, Mac OS, Windows, and other server operating systems.
Two vulnerabilities are found in the EXIF module of PHP. this module is used to process the interchangeable Image File Format (EXIF) specification used by digital cameras. the exif_process_IFD_TAG () of this module () A vulnerability in the function may be exploited by the specially crafted "image file directory (IFD)" label to cause buffer overflow and execute malicious code with PHP server permissions.
The second EXIF module vulnerability may cause infinite recursion, causing program crash.
Another vulnerability affects the php_handle_iff () and php_handle_jpeg () functions, which can be exploited by specially crafted images to create an infinite loop, consuming all available CPU resources and forming DoS attacks.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.