CVE-2019-11041

HIGH

Php < 7.1.31 - Out-of-Bounds Read

Title source: rule
STIX 2.1

Description

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.

References (17)

Core 17
Core References
Exploit, Patch, Vendor Advisory x_refsource_confirm
https://bugs.php.net/bug.php?id=78222
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/4097-2/
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/4097-1/
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20190822-0003/
Mailing List, Third Party Advisory mailing-list x_refsource_bugtraq
https://seclists.org/bugtraq/2019/Sep/35
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2019/dsa-4527
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2019/dsa-4529
Mailing List, Third Party Advisory mailing-list x_refsource_bugtraq
https://seclists.org/bugtraq/2019/Sep/38
Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html
Third Party Advisory x_refsource_confirm
https://support.apple.com/kb/HT210634
Mailing List, Third Party Advisory mailing-list x_refsource_bugtraq
https://seclists.org/bugtraq/2019/Oct/9
Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2019/Oct/15
Third Party Advisory x_refsource_confirm
https://support.apple.com/kb/HT210722
Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2019/Oct/55
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:3299
Third Party Advisory x_refsource_confirm
https://www.tenable.com/security/tns-2021-14

Scores

CVSS v3 7.1
EPSS 0.0327
EPSS Percentile 87.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

Details

CWE
CWE-125
Status published
Products (13)
apple/mac_os_x < 10.15.1
canonical/ubuntu_linux 12.04
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 16.04
canonical/ubuntu_linux 18.04
canonical/ubuntu_linux 19.04
debian/debian_linux 8.0
debian/debian_linux 9.0
debian/debian_linux 10.0
opensuse/leap 15.0
... and 3 more
Published Aug 09, 2019
Tracked Since Feb 18, 2026