CVE-2019-11040
Summary
| CVE | CVE-2019-11040 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-06-19 00:15:00 UTC |
| Updated | 2020-10-16 12:57:00 UTC |
| Description | When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. |
Risk And Classification
Problem Types: CWE-125
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Debian | Debian Linux | 10.0 | All | All | All |
| Operating System | Debian | Debian Linux | 9.0 | All | All | All |
| Operating System | Debian | Debian Linux | 10.0 | All | All | All |
| Operating System | Debian | Debian Linux | 9.0 | All | All | All |
| Operating System | Opensuse | Leap | 15.0 | All | All | All |
| Operating System | Opensuse | Leap | 15.1 | All | All | All |
| Operating System | Opensuse | Leap | 15.0 | All | All | All |
| Operating System | Opensuse | Leap | 15.1 | All | All | All |
| Application | Php | Php | All | All | All | All |
| Application | Php | Php | All | All | All | All |
| Application | Redhat | Software Collections | 1.0 | All | All | All |
| Application | Redhat | Software Collections | 1.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Red Hat Customer Portal | REDHAT | access.redhat.com | Third Party Advisory |
| Bugtraq: [SECURITY] [DSA 4527-1] php7.3 security update | BUGTRAQ | seclists.org | Mailing List, Third Party Advisory |
| Debian -- Security Information -- DSA-4527-1 php7.3 | DEBIAN | www.debian.org | Third Party Advisory |
| PHP :: Sec Bug #77988 :: heap-buffer-overflow on php_jpg_get16 | CONFIRM | bugs.php.net | Exploit, Mailing List, Vendor Advisory |
| Debian -- Security Information -- DSA-4529-1 php7.0 | DEBIAN | www.debian.org | Third Party Advisory |
| Bugtraq: [SECURITY] [DSA 4529-1] php7.0 security update | BUGTRAQ | seclists.org | Mailing List, Third Party Advisory |
| [security-announce] openSUSE-SU-2019:1778-1: moderate: Security update f | SUSE | lists.opensuse.org | Mailing List, Third Party Advisory |
| Red Hat Customer Portal | REDHAT | access.redhat.com | Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
LEGACY: By orestiskourides at gmail dot com
Legacy QID Mappings
- 159670 Oracle Enterprise Linux Security Update for php:7.2 (ELSA-2020-1624)
- 296079 Oracle Solaris 11.4 Support Repository Update (SRU) 15.5.0 Missing (CPUOCT2019)
- 501130 Alpine Linux Security Update for php7
- 752878 SUSE Enterprise Linux Security Update for php7 (SUSE-SU-2022:4067-1)
- 940250 AlmaLinux Security Update for php:7.3 (ALSA-2020:3662)
- 940404 AlmaLinux Security Update for php:7.2 (ALSA-2020:1624)
- 960218 Rocky Linux Security Update for php:7.2 (RLSA-2020:1624)
- 960421 Rocky Linux Security Update for php:7.3 (RLSA-2020:3662)