CVE-2019-11048
Published: 2020-05-20
Priority: P335 · medium · CVSS 3.1 base score 5.3
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS: 6.26% (92.7th percentile)
In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead the PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request without cleaning up the temporary files created by the upload request. This could potentially lead to an accumulation of uncleaned temporary files, exhausting the disk space on the target server.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | php7.4 | < php7.4 7.4.9-1 (bullseye) | php7.4 7.4.9-1 (bullseye) |
| php | php | >= 7.2.0 < 7.2.31 | 7.2.31 |
| php | php | >= 7.3.0 < 7.3.18 | 7.3.18 |
| php | php | >= 7.4.0 < 7.4.6 | 7.4.6 |
| php_group | php | >= 7.2.x < 7.2.31 | 7.2.31 |
| php_group | php | >= 7.3.x < 7.3.18 | 7.3.18 |
| php_group | php | >= 7.4.x < 7.4.6 | 7.4.6 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
| nvd | 2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| osv | | 5.3 | MEDIUM | |
| vendor_debian | | 5.3 | MEDIUM | |
| vendor_oracle | | 5.3 | MEDIUM | |
| vendor_redhat | | 5.3 | MEDIUM | |
GHSA
GHSA-wxwf-j52f-79g8 · ghsa_unreviewed · 2022-05-24 · CVE-2019-11048 [MEDIUM] · CWE-190
OSV
CVE-2019-11048 · osv · 2020-05-20 · CVSS 5.3 · [MEDIUM]
CISA ICS
Festo Didactic SE MES PC · cisa_ics · 2026-01-27 · CVSS 7.5 · [HIGH]
ICS Advisory: Festo Didactic SE MES PC
Release Date: January 27, 2026
Alert Code: ICSA-26-027-02
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## Summary
MES PCs shipped with Windows 10 come pre-installed with XAMPP. XAMPP is a bundle of third-party open-source applications including the Apache HTTP Server, the MariaDB database and more. From time to time, vulnerabilities in these applications are discovered. These are fixed in newer versions of XAMPP by updating the bundled applications. MES PCs shipped with Windows 10 include a copy of XAMPP which contains around 140 such vulnerabilities listed in this advisory. They can be fixed by replacing XAMPP with Festo Didactic's Factory Control Panel application.
The
Oracle
Oracle Communications Risk Matrix: Core (PHP) — CVE-2019-11048 · vendor_oracle · 2020-10-15 · CVSS 5.3 · [MEDIUM]
Oracle Oracle Communications Risk Matrix: Core (PHP) vulnerability
CVE: CVE-2019-11048
CVSS: 5.3
Protocol: HTTP
Remote exploit: Yes
Affected versions: Network
Advisory: cpuoct2020 (OCT 2020)
Ubuntu
PHP vulnerability · vendor_ubuntu · 2020-05-27 · CVE-2019-11048
Title: PHP vulnerability
Summary: PHP could be made to crash if it received a specially crafted file.
It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
php: Integer wraparounds when receiving multipart forms · vendor_redhat · 2020-05-14 · CVSS 5.3 · CVE-2019-11048 [MEDIUM] · CWE-190
A flaw was found in PHP under a non-default configuration, where it was vulnerable to integer wraparounds during the reception of a multipart POST request. This flaw allows a remote attacker to repeatedly crash PHP and fill the filesystem with temporary PHP files, resulting i
Debian
CVE-2019-11048: php7.4 · vendor_debian · 2019 · CVSS 5.3 · [MEDIUM]
Scope: local
bullseye: resolved (fixed in 7.4.9-1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2019-11048 php: 2 integer wraparound when receiving multipart forms [fedora-all] · bugzilla · 2020-05-20 · CVSS 5.3 · [MEDIUM]
This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of fedora-all.
For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field.
For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message.
NOTE: this issue affects multiple supported v
Bugzilla
CVE-2019-11048 php: Integer wraparounds when receiving multipart forms · bugzilla · 2020-05-20 · CVSS 5.3 · [MEDIUM]
There are two integer wraparound flaws in php-src/main/rfc1867.c that allow a malicious user to crash PHP during a multipart/form-data file upload. A large multipart/form-data variable, or filename, may cause an integer overflow that leads to a subsequent crash.
Temporary files are not cleaned up, and could ultimately fill up the file system containing PHP temporary data.
Upstream Issues:
https://bugs.php.net/bug.php?id=78876
https://bugs.php.net/bug.php?id=78875
Discussion:
Created php tracking bugs for this issue:
Affects: fedora-all [bug 1837843]
---
Upstream fixes:
* Fix #78876: Long variables cause OOM and temp files are not cleaned
https://github.com/php/php-src/commit/f43041250f82ed69bd4575655984fbfc842da
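A defender-side pre-check for the failure mode described above, added here as an example (not PHP's own code and not part of the original page): it parses a multipart/form-data body and flags every part whose field name or filename exceeds an assumed limit, so a reverse proxy or WAF hook can refuse the request before an unpatched PHP build is asked to process it. The length limits and the sample request are constructed assumptions.

```python
import re

MAX_NAME_LEN = 256       # assumed limits, not from the page; tune per application
MAX_FILENAME_LEN = 255

_DISP_RE = re.compile(rb"Content-Disposition:\s*form-data(.*)", re.I)
_PARAM_RE = re.compile(rb';\s*(name|filename)="([^"]*)"', re.I)

def boundary_from_content_type(content_type: str) -> bytes:
    """Extract the boundary token from a multipart/form-data Content-Type."""
    m = re.search(r'boundary=("?)([^";]+)\1', content_type)
    if not m:
        raise ValueError("no boundary in Content-Type")
    return m.group(2).encode()

def oversized_parts(content_type: str, body: bytes) -> list:
    """Return one finding per part whose field name or filename exceeds the limits."""
    delim = b"--" + boundary_from_content_type(content_type)
    findings = []
    for idx, chunk in enumerate(body.split(delim)[1:]):
        if chunk.startswith(b"--"):            # closing delimiter: no more parts
            break
        headers = chunk.split(b"\r\n\r\n", 1)[0]   # part headers end at the blank line
        m = _DISP_RE.search(headers)
        if not m:
            continue
        params = {k.lower(): v for k, v in _PARAM_RE.findall(m.group(1))}
        name, fname = params.get(b"name", b""), params.get(b"filename")
        fields = (["name"] if len(name) > MAX_NAME_LEN else []) + \
                 (["filename"] if fname is not None and len(fname) > MAX_FILENAME_LEN else [])
        if fields:
            findings.append({"part": idx, "fields": fields,
                             "name_len": len(name), "filename_len": len(fname or b"")})
    return findings

# Constructed sample request: a benign text field followed by an upload part
# whose filename is far longer than any real client would send.
SAMPLE_CT = "multipart/form-data; boundary=----WebKitFormBoundaryX9z"
SAMPLE_BODY = (
    b"------WebKitFormBoundaryX9z\r\n"
    b'Content-Disposition: form-data; name="title"\r\n\r\nhello\r\n'
    b"------WebKitFormBoundaryX9z\r\n"
    b'Content-Disposition: form-data; name="upload"; filename="' + b"A" * 4096 + b'.txt"\r\n'
    b"Content-Type: text/plain\r\n\r\ndata\r\n"
    b"------WebKitFormBoundaryX9z--\r\n"
)
```

A non-empty result from `oversized_parts` is the signal to reject the request (or to alert on it) before it reaches the application; pair it with monitoring of free space in PHP's upload_tmp_dir on hosts that cannot yet be patched.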
References:
* http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00045.html
* https://bugs.php.net/bug.php?id=78875
* https://bugs.php.net/bug.php?id=78876
* https://lists.debian.org/debian-lts-announce/2020/06/msg00033.html
* https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OBA3TFZSP3TB5N4G24SO6BI64RJZXE3D/
* https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMDUQ7XFONY3BWTAQQUD3QUGZT6NFZUF/
* https://security.netapp.com/advisory/ntap-20200528-0006/
* https://usn.ubuntu.com/4375-1/
* https://www.debian.org/security/2020/dsa-4717
* https://www.debian.org/security/2020/dsa-4719
* https://www.oracle.com/security-alerts/cpuApr2021.html
* https://www.oracle.com/security-alerts/cpuoct2020.html
* https://www.tenable.com/security/tns-2021-14
Published: 2020-05-20