The exifconvertanytoint function in ext/exif/exif.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (application crash) via crafted EXIF data that triggers an attempt to divide the minimum representable negative integer by -1.
[
{
"target": {
"file": "ext/exif/exif.c"
},
"id": "CVE-2016-10158-527a49fb",
"digest": {
"line_hashes": [
"164345692419806313782867716889242662623",
"199961379753220402556809735134877964513",
"81811983889484349135308472968212951300",
"306448116651839402360195260972894763694"
],
"threshold": 0.9
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/php/php-src/commit/1cda0d7c2ffb62d8331c64e703131d9cabdc03ea",
"signature_type": "Line"
},
{
"target": {
"function": "exif_convert_any_to_int",
"file": "ext/exif/exif.c"
},
"id": "CVE-2016-10158-a3bc0f1f",
"digest": {
"function_hash": "176999397470364082473290218156567094275",
"length": 1196.0
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/php/php-src/commit/1cda0d7c2ffb62d8331c64e703131d9cabdc03ea",
"signature_type": "Function"
}
]