ID:11546 - Exploit for Information disclosure in PHP - CVE-2008-5498

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:11546 - Exploit for Information disclosure in PHP - CVE-2008-5498

ID:11546 - Exploit for Information disclosure in PHP - CVE-2008-5498

Published: June 11, 2025


Vulnerability identifier: #VU110331
Vulnerability risk: Medium
CVE-ID: CVE-2008-5498
CWE-ID: CWE-200
Exploitation vector: Remote access
Vulnerable software:
PHP

Link to public exploit:


Vulnerability description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Array index error in the imageRotate function in PHP 5.2.8 and earlier allows context-dependent attackers to read the contents of arbitrary memory locations via a crafted value of the third argument (aka the bgd_color or clrBack argument) for an indexed image.


Remediation

Install update from vendor's website.