Emil Lerner - Security Researcher - Exploit Intelligence Platform

CVE-2019-11043 NOMISEC HIGH WORKING POC

Php < 7.1.33 - Out-of-Bounds Write

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.

1,835 stars

CVSS 8.7

View Code

CVE-2019-11043 NOMISEC HIGH WORKING POC

Php < 7.1.33 - Out-of-Bounds Write

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.

3 stars

CVSS 8.7

View Code

CVE-2019-11043 GITLAB HIGH WORKING POC

Php < 7.1.33 - Out-of-Bounds Write

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.

CVSS 8.7

View Code

CVE-2019-11043 EXPLOITDB HIGH WORKING POC

Php < 7.1.33 - Out-of-Bounds Write

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.

CVSS 8.7

View Code