CVE-2019-11049
MEDIUMPHP 7.3.0-7.3.12 - Use-After-Free via mail() Function Lowercase Header
Title source: llmDescription
In PHP versions 7.3.x below 7.3.13 and 7.4.0 on Windows, when supplying custom headers to mail() function, due to mistake introduced in commit 78f4b4a2dcf92ddbccea1bb95f8390a18ac3342e, if the header is supplied in lowercase, this can result in double-freeing certain memory locations.
References (7)
Core 7
Core References
Mailing List, Patch, Vendor Advisory x_refsource_misc
https://bugs.php.net/bug.php?id=78943
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20200103-0002/
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/
Mailing List, Third Party Advisory mailing-list
x_refsource_bugtraq
https://seclists.org/bugtraq/2020/Feb/27
Third Party Advisory vendor-advisory
x_refsource_debian
https://www.debian.org/security/2020/dsa-4626
Third Party Advisory x_refsource_confirm
https://www.tenable.com/security/tns-2021-14
Scores
CVSS v3
6.5
EPSS
0.0280
EPSS Percentile
86.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
Details
CWE
CWE-415
Status
published
Products (6)
debian/debian_linux
10.0
fedoraproject/fedora
30
fedoraproject/fedora
31
php/php
7.4.0
php/php
7.3.0 - 7.3.13
tenable/securitycenter
< 5.19.0
Published
Dec 23, 2019
Tracked Since
Feb 18, 2026