OpenSUSE Linux update for php5



Published: 2019-04-23
Risk High
Patch available YES
Number of vulnerabilities 6
CVE-ID CVE-2018-20783
CVE-2019-9020
CVE-2019-9021
CVE-2019-9023
CVE-2019-9024
CVE-2019-9641
CWE-ID CWE-284
CWE-125
CWE-119
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		Opensuse
Operating systems & Components / Operating system

Vendor SUSE

Security Bulletin

This security bulletin contains information about 6 vulnerabilities.

1) Improper access control

EUVDB-ID: #VU15509

Risk: Low

CVSSv3.1: 6.5 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-20783

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows an adjacent attacker to bypass authentication on the target system.

The vulnerability exists due to improper access control. An adjacent attacker can force-pair the device without human interaction.

Mitigation

Update the affected packages.

Vulnerable software versions

Opensuse: 42.3

External links

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU22475

Risk: Medium

CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-9020

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the xml_elem_parse_buf() in ext/xmlrpc/libxmlrpc/xml_element.c when reading XML data via the xmlrpc_decode() PHP function. A remote attacker can create a specially crafted XML file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected packages.

Vulnerable software versions

Opensuse: 42.3

External links

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds read

EUVDB-ID: #VU22476

Risk: Medium

CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-9021

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the phar_detect_phar_fname_ext() function in ext/phar/phar.c (PHAR extension) when reading PHAR archives. A remote attacker can create a specially crafted PHAR archive, pass it to the affected application, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected packages.

Vulnerable software versions

Opensuse: 42.3

External links

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds read

EUVDB-ID: #VU22478

Risk: Medium

CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-9023

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a multiple boundary condition within the ext/mbstring/oniguruma/regcomp.c, ext/mbstring/oniguruma/regexec.c, ext/mbstring/oniguruma/regparse.c, ext/mbstring/oniguruma/enc/unicode.c, and ext/mbstring/oniguruma/src/utf32_be.c files when parsing multibyte data in regular expressions. A remote attacker can pass specially crafted input to the application, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected packages.

Vulnerable software versions

Opensuse: 42.3

External links

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds read

EUVDB-ID: #VU22479

Risk: Medium

CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-9024

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the base64_decode_xmlrpc() function in ext/xmlrpc/libxmlrpc/base64.c when parsing untrusted input via the xmlrpc_decode() PHP function. A remote attacker can setup a malicious XMLRPC server, trick the application into connecting to it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected packages.

Vulnerable software versions

Opensuse: 42.3

External links

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Buffer overflow

EUVDB-ID: #VU31148

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-9641

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.

Mitigation

Update the affected packages.

Vulnerable software versions

Opensuse: 42.3

External links

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###