CVE-2019-11041

CWE-125Out-of-bounds ReadCWE-120Classic Buffer Overflow14 documents9 sources
Severity
7.1HIGH
EPSS
3.3%
top 12.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Apple MAC OS XPHP PHPTenable Tenable.sc+5 more
Timeline
PublishedAug 9
Latest updateMay 24

Description

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:HExploitability: 2.8 | Impact: 4.2

Affected Packages9 packages

NVDphp/php7.1.07.1.31+2
NVDapple/mac_os_x< 10.15.1
NVDtenable/tenable.sc< 5.19.0
Ubuntuphp5< 5.5.9+dfsg-1ubuntu4.29+esm5
Ubuntuphp7.0< 7.0.33-0ubuntu0.16.04.6

Also affects: Debian Linux 10.0, 8.0, 9.0, Ubuntu Linux 12.04, 14.04, 16.04, 18.04, 19.04

Patches

Patch: bugs.php.netPatch: bugs.php.net

🔴Vulnerability Details

5
GHSA
GHSA-g668-x6wm-whp7: When PHP EXIF extension is parsing EXIF information from an image, e2022-05-24
OSV
php5 vulnerabilities2019-08-13
OSV
php7.0, php7.2 vulnerabilities2019-08-13
CVEList
heap-buffer-overflow on exif_scan_thumbnail in EXIF extension2019-08-09
OSV
CVE-2019-11041: When PHP EXIF extension is parsing EXIF information from an image, e2019-08-09

📋Vendor Advisories

5
Apple
CVE-2019-11041: macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-0062019-10-29
Apple
CVE-2019-11041: macOS Catalina 10.152019-10-07
Ubuntu
PHP vulnerabilities2019-08-13
Ubuntu
PHP vulnerabilities2019-08-13
Red Hat
php: Heap buffer over-read in exif_scan_thumbnail()2019-08-09

💬Community

3
HackerOne
Out of Bounds Memory Read in exif_scan_thumbnail2020-11-09
Bugzilla
CVE-2019-11041 php: heap buffer over-read in exif_scan_thumbnail() [fedora-all]2019-08-09
Bugzilla
CVE-2019-11041 php: Heap buffer over-read in exif_scan_thumbnail()2019-08-09