An integer overflow vulnerability causing heap overflow in ext/standard/iptc.c module was found. This issue can be used to trigger memory corruption on 32-bit versions of PHP.
Created php tracking bugs for this issue:
Affects: fedora-all [bug 1305565]
This issue is triggered when iptcembed() function is called with long $iptcdata argument (not possible under default or typical PHP configurations that use much lower limit for memory that can be used by a script), or specified $jpeg_file_name must be a very large file. Hence, this would be hard to trigger for remote attacker.