CVE-2005-3353 is also unfixed in PHP 5.0.5: "The exif_read_data function in the Exif module in PHP before 4.4.1 allows remote attackers to cause a denial of service (infinite loop) via a malformed JPEG image."
According to the bug report this will be fixed in 5.0.6 http://bugs.php.net/bug.php?id=34704 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
