View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2015-0232 severity moderate: SUSE including 850 source package names (apache2-mod_php5-5.2.14-0.7.30.64.1, apache2-mod_php5-5.5.14-11.3, …), 955 product×package rows across 28 product lines (SUSE Liberty Linux 7, SUSE Linux Enterprise Module for Legacy 15 SP4, … (28 product lines)): Fixed 749, Known Not Affected 206.
The exif_process_unicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free and application crash) via crafted EXIF data in a JPEG image.