CVE-2019-11036
CRITICAL severity · CVSS 9.1 · CWE-126
9.1CVSS CRITICAL
Summary
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
Impact & exploitability
Attack vectorNetwork
Attack complexityLow
Privileges requiredNone
User interactionNone
Confidentiality impactHigh
Integrity impactNone
Availability impactHigh
Exploit probability (EPSS)7%
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Recommendation
Apply the vendor fix promptly. Open any affected product above for its exact safe version.
Additional information
- NVD record
- https://bugs.php.net/bug.php?id=77950Advisory
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00010.htmlAdvisory
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.htmlAdvisory
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.htmlAdvisory
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.htmlAdvisory
- http://www.securityfocus.com/bid/108177Advisory
- https://access.redhat.com/errata/RHSA-2019:2519Advisory
- https://access.redhat.com/errata/RHSA-2019:3299Advisory