CVE-2019-11041
Summary
| CVE | CVE-2019-11041 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-08-09 20:15:00 UTC |
| Updated | 2023-02-28 15:13:00 UTC |
| Description | When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. |
Risk And Classification
Problem Types: CWE-125
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Apple | Mac Os X | All | All | All | All |
| Operating System | Apple | Mac Os X | All | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 12.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 16.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 18.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 19.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 12.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 16.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 18.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 19.04 | All | All | All |
| Operating System | Debian | Debian Linux | 10.0 | All | All | All |
| Operating System | Debian | Debian Linux | 8.0 | All | All | All |
| Operating System | Debian | Debian Linux | 9.0 | All | All | All |
| Operating System | Debian | Debian Linux | 10.0 | All | All | All |
| Operating System | Debian | Debian Linux | 8.0 | All | All | All |
| Operating System | Debian | Debian Linux | 9.0 | All | All | All |
| Operating System | Opensuse | Leap | 15.0 | All | All | All |
| Operating System | Opensuse | Leap | 15.0 | All | All | All |
| Application | Php | Php | All | All | All | All |
| Application | Php | Php | All | All | All | All |
| Application | Redhat | Software Collections | 1.0 | All | All | All |
| Application | Redhat | Software Collections | 1.0 | All | All | All |
| Application | Tenable | Tenable.sc | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Red Hat Customer Portal | REDHAT | access.redhat.com | Third Party Advisory |
| About the security content of macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006 - Apple Support | CONFIRM | support.apple.com | Third Party Advisory |
| Full Disclosure: APPLE-SA-2019-10-29-10 Additional information for APPLE-SA-2019-10-07-1 macOS Catalina 10.15 | FULLDISC | seclists.org | Mailing List, Third Party Advisory |
| USN-4097-1: PHP vulnerabilities | Ubuntu security notices | Ubuntu | UBUNTU | usn.ubuntu.com | Third Party Advisory |
| Bugtraq: [SECURITY] [DSA 4527-1] php7.3 security update | BUGTRAQ | seclists.org | Mailing List, Third Party Advisory |
| Bugtraq: APPLE-SA-2019-10-07-1 macOS Catalina 10.15 | BUGTRAQ | seclists.org | Mailing List, Third Party Advisory |
| Debian -- Security Information -- DSA-4527-1 php7.3 | DEBIAN | www.debian.org | Third Party Advisory |
| [R1] Tenable.sc 5.19.0 Fixes Multiple Third-party Vulnerabilities - Security Advisory | Tenable® | CONFIRM | www.tenable.com | |
| USN-4097-2: PHP vulnerabilities | Ubuntu security notices | Ubuntu | UBUNTU | usn.ubuntu.com | Third Party Advisory |
| About the security content of macOS Catalina 10.15 - Apple Support | CONFIRM | support.apple.com | Third Party Advisory |
| Debian -- Security Information -- DSA-4529-1 php7.0 | DEBIAN | www.debian.org | Third Party Advisory |
| Bugtraq: [SECURITY] [DSA 4529-1] php7.0 security update | BUGTRAQ | seclists.org | Mailing List, Third Party Advisory |
| Full Disclosure: APPLE-SA-2019-10-07-1 macOS Catalina 10.15 | FULLDISC | seclists.org | Mailing List, Third Party Advisory |
| [security-announce] openSUSE-SU-2019:2271-1: important: Security update | SUSE | lists.opensuse.org | Third Party Advisory |
| [SECURITY] [DLA 1878-1] php5 security update | MLIST | lists.debian.org | Mailing List, Third Party Advisory |
| PHP :: Sec Bug #78222 :: heap-buffer-overflow on exif_scan_thumbnail | CONFIRM | bugs.php.net | Exploit, Patch, Vendor Advisory |
| August 2019 PHP Vulnerabilities in NetApp Products | NetApp Product Security | CONFIRM | security.netapp.com | Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
LEGACY: By orestiskourides at gmail dot com
Legacy QID Mappings
- 159670 Oracle Enterprise Linux Security Update for php:7.2 (ELSA-2020-1624)
- 296079 Oracle Solaris 11.4 Support Repository Update (SRU) 15.5.0 Missing (CPUOCT2019)
- 501147 Alpine Linux Security Update for php7
- 752878 SUSE Enterprise Linux Security Update for php7 (SUSE-SU-2022:4067-1)
- 940250 AlmaLinux Security Update for php:7.3 (ALSA-2020:3662)
- 940404 AlmaLinux Security Update for php:7.2 (ALSA-2020:1624)
- 960218 Rocky Linux Security Update for php:7.2 (RLSA-2020:1624)
- 960421 Rocky Linux Security Update for php:7.3 (RLSA-2020:3662)