CVE-2019-9638

HIGH severity · CVSS 7.5 · Out-of-bounds read

7.5CVSS HIGH

Summary

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len.

Impact & exploitability

Attack vectorNetwork

Attack complexityLow

Privileges requiredNone

User interactionNone

Confidentiality impactHigh

Integrity impactNone

Availability impactNone

Exploit probability (EPSS)16%

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products we track (1)

PHP

Recommendation

Apply the vendor fix promptly. Open any affected product above for its exact safe version.

Official patch: https://bugs.php.net/bug.php?id=77563 ↗

Additional information

NVD record
https://bugs.php.net/bug.php?id=77563Patch
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.htmlAdvisory
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.htmlAdvisory
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.htmlAdvisory
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.htmlAdvisory
https://access.redhat.com/errata/RHSA-2019:2519Advisory
https://access.redhat.com/errata/RHSA-2019:3299Advisory
https://lists.debian.org/debian-lts-announce/2019/03/msg00043.htmlAdvisory