Malicious JPEG Images Could Trigger PHP Memory Safety Vulnerabilities

Two critical memory-safety vulnerabilities in PHP’s image-processing functions could allow attackers to leak sensitive heap memory or to execute denial-of-service attacks via specially crafted JPEG files. The flaws, discovered in PHP’s ext/standard extension by Positive Technologies researcher Nikita Sveshnikov, affect the widely-used getimagesize and iptcembed functions that process JPEG metadata and IPTC data. PHP Memory […] The post Malicious JPEG Images Could Trigger PHP Memory Safety Vulnerabilities appeared first on Cyber Security News.