Description: iDEFENSE reported a vulnerability in PHP in getimagesize(). A user can cause denial of service conditions. A user can create a specially crafted image file that, when processed by getimagesize(), will cause the php_handle_iff() function in 'ext/standard/image.c' to enter an infinite loop [CVE: CAN-2005-0524]. A file with the 'size' value set to '-8' can trigger the vulnerability. A user can create a JPEG file with specially crafted file length field in the header to trigger an infinite loop in php_handle_jpeg() [CVE: CAN-2005-0525]. If a remote user can supply an image to the target system, then these vulnerabilities can be exploited by remote users. The vendor was notified on February 23, 2005. The original advisory is available at: http://www.idefense.com/application/poi/di splay?id=222&type=vulnerabilities Impact: A user can cause the PHP process on the target system to consume all available CPU resources. Solution: The vendor has issued a fixed version (5.0.4), available at: http://www.php.net/downloads.php
*** This bug has been marked as a duplicate of 87517 ***