Out-of-bounds read in PHP - CVE-2019-11036
Published: June 14, 2019
Vulnerability identifier: #VU18801
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2019-11036
CWE-ID: CWE-125
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: PHP Group
Affected software:
PHP
PHP
Detailed vulnerability description
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in exif_process_IFD_TAG() function in PHP EXIF extension. A remote attacker can send a specially crafted file to the affected application, trigger out-of-bounds read error and read contents of memory on the system or crash the process.
How to mitigate CVE-2019-11036
Install updates from vendor's website.
Sources
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00010.html
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html
- http://www.securityfocus.com/bid/108177
- https://bugs.php.net/bug.php?id=77950
- https://lists.debian.org/debian-lts-announce/2019/05/msg00035.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NFXYNCXZCPYT7ZN4ZLI5EPQQW44FRRO/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3BY2XUUAN277LS7HKAOGL4DVGAELOJV3/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WN2HLPGEZEF4MFM5YC5FILZB5QEQFP3A/
- https://security.netapp.com/advisory/ntap-20190517-0003/
- https://usn.ubuntu.com/3566-2/
- https://usn.ubuntu.com/4009-1/