PHP up to 7.1.30/7.2.20/7.3.7 EXIF Extension exif_read_data Image memory corruption

Summaryinfo

A vulnerability was found in PHP up to 7.1.30/7.2.20/7.3.7. It has been declared as critical. Affected is the function exif_read_data of the component EXIF Extension. Such manipulation as part of Image leads to memory corruption. This vulnerability is traded as CVE-2019-11041. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Detailsinfo

A vulnerability, which was classified as critical, has been found in PHP up to 7.1.30/7.2.20/7.3.7 (Programming Language Software). Affected by this issue is the function exif_read_data of the component EXIF Extension. The manipulation as part of a Image leads to a memory corruption vulnerability. Using CWE to declare the problem leads to CWE-119. The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. Impacted is confidentiality, integrity, and availability. CVE summarizes:

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.

The weakness was shared 08/09/2019 (Website). The advisory is available at bugs.php.net. This vulnerability is handled as CVE-2019-11041 since 04/09/2019. The attack may be launched remotely. No form of authentication is required for exploitation. Technical details are known, but there is no available exploit.

Upgrading to version 7.1.31, 7.2.21 or 7.3.8 eliminates this vulnerability.

The entry VDB-139755 is related to this item. If you want to get best quality of vulnerability data, you may have to visit VulDB.

Productinfo

Type

• Programming Language Software

Name

• PHP

Version

• 7.1.0
• 7.1.1
• 7.1.2
• 7.1.3
• 7.1.4
• 7.1.5
• 7.1.6
• 7.1.7
• 7.1.8
• 7.1.9
• 7.1.10
• 7.1.11
• 7.1.12
• 7.1.13
• 7.1.14
• 7.1.15
• 7.1.16
• 7.1.17
• 7.1.18
• 7.1.19
• 7.1.20
• 7.1.21
• 7.1.22
• 7.1.23
• 7.1.24
• 7.1.25
• 7.1.26
• 7.1.27
• 7.1.28
• 7.1.29
• 7.1.30
• 7.2.0
• 7.2.1
• 7.2.2
• 7.2.3
• 7.2.4
• 7.2.5
• 7.2.6
• 7.2.7
• 7.2.8
• 7.2.9
• 7.2.10
• 7.2.11
• 7.2.12
• 7.2.13
• 7.2.14
• 7.2.15
• 7.2.16
• 7.2.17
• 7.2.18
• 7.2.19
• 7.2.20
• 7.3.0
• 7.3.1
• 7.3.2
• 7.3.3
• 7.3.4
• 7.3.5
• 7.3.6
• 7.3.7

License

• open-source

Website

• Product: https://www.php.org/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Discussion