CVE-2019-11040Out-of-bounds Read in PHP

CWE-125Out-of-bounds Read12 documents8 sources
Severity
9.1CRITICALNVD
EPSS
1.2%
top 20.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
PHPPhp5PHP Group PHP+3 more
Timeline
PublishedJun 19
Latest updateMay 24

Description

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:HExploitability: 3.9 | Impact: 5.2

Affected Packages5 packages

NVDphp/php7.1.07.1.30+2
Ubuntuphp5/php5< 5.5.9+dfsg-1ubuntu4.29+esm3
CVEListV5php_group/php7.1.30, 7.2.19, 7.3.6+2
NVDopensuse/leap15.0, 15.1+1

Also affects: Debian Linux 10.0, 9.0

🔴Vulnerability Details

5
GHSA
GHSA-9mjv-243x-3w2q: When EXIF extension is parsing EXIF information from an image, e2022-05-24
CVEList
Heap buffer overflow in EXIF extension2019-06-18
OSV
php5 vulnerabilities2019-06-05
OSV
php7.0, php7.2 vulnerabilities2019-06-05
OSV
CVE-2019-11040: When PHP EXIF extension is parsing EXIF information from an image, e2019-06-03

📋Vendor Advisories

3
Red Hat
php: Buffer over-read in exif_read_data()2019-06-18
Ubuntu
PHP vulnerabilities2019-06-05
Ubuntu
PHP vulnerabilities2019-06-05

💬Community

3
HackerOne
Out of Bounds Memory Read in php_jpg_get162020-11-09
Bugzilla
CVE-2019-11038 CVE-2019-11039 CVE-2019-11040 php: various flaws [fedora-all]2019-06-26
Bugzilla
CVE-2019-11040 php: Buffer over-read in exif_read_data()2019-06-26
CVE-2019-11040 — Out-of-bounds Read in PHP | cvebase