CVE-2019-11047Out-of-bounds Read in Group PHP

CWE-125Out-of-bounds Read9 documents7 sources
Severity
6.5MEDIUMNVD
CNA4.8
EPSS
3.2%
top 12.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
PHP Group PHPPHPPhp5+3 more
Timeline
PublishedDec 23
Latest updateMay 24

Description

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:LExploitability: 3.9 | Impact: 2.5

Affected Packages3 packages

NVDphp/php7.2.07.2.26+2
CVEListV5php_group/php7.2.x7.2.26+2
Ubuntuphp5/php5< 5.5.9+dfsg-1ubuntu4.29+esm8

Also affects: Debian Linux 10.0, 8.0, 9.0, Fedora 30, 31, Ubuntu Linux 12.04, 14.04, 16.04, 18.04, 19.04, 19.10

Patches

Patch: bugs.php.netPatch: bugs.php.net

🔴Vulnerability Details

4
GHSA
GHSA-r6mj-gw85-2394: When PHP EXIF extension is parsing EXIF information from an image, e2022-05-24
OSV
php5, php7.0, php7.2, php7.3 vulnerabilities2020-01-15
OSV
CVE-2019-11047: When PHP EXIF extension is parsing EXIF information from an image, e2019-12-23
CVEList
Heap-buffer-overflow READ in exif2019-12-23

📋Vendor Advisories

2
Ubuntu
PHP vulnerabilities2020-01-15
Red Hat
php: Information disclosure in exif_read_data()2019-12-22

💬Community

2
Bugzilla
CVE-2019-11047 php: Information disclosure in exif_read_data()2019-12-26
Bugzilla
CVE-2019-11047 php: information disclosure in exif_read_data() [fedora-all]2019-12-26
CVE-2019-11047 — Out-of-bounds Read in PHP Group PHP | cvebase