According to the "Network World" report, according to PHP organization, running PHP's server is easily attacked, including allowing attackers to perform malicious code and DOS attacks.
PHP organization released the upgrade version of these vulnerabilities, which can be downloaded from the PHP website or obtained from various operating system vendors. PHP organizations strongly recommend that users have upgraded to the new version.
PHP is an open source programming language primarily used for server-side applications, running on server operating systems such as Linux, UNIX, Mac OS, and Windows.
There are two vulnerabilities to be found in the PHP's EXIF module, which is used to process the exchangeable image file format (EXIF) specification used by the digital camera. A vulnerability in the module's exif_process_ifd_tag () function is likely to be special File Directory (IFD) tag utilization to cause buffer overflow and perform malicious code with PHP server privileges.
The second EXIF module vulnerability may result in infinity recursive, causing the executed program to crash.
Another vulnerability affects the php_handle_iff () and php_handle_jpeg () functions, which can be utilized by special image to cause infinite loops, consume all available CPU resources to form a DOS attack.
