Vulnerability Details : CVE-2019-11040
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
Vulnerability category: Information leak
Products affected by CVE-2019-11040
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
Threat overview for CVE-2019-11040
Top countries where our scanners detected CVE-2019-11040
Top open port discovered on systems with this issue
80
IPs affected by CVE-2019-11040 119,396
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2019-11040!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2019-11040
1.37%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 86 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-11040
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.4
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:P |
10.0
|
4.9
|
NIST | |
4.8
|
MEDIUM | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L |
2.2
|
2.5
|
PHP Group | |
9.1
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
3.9
|
5.2
|
NIST |
CWE ids for CVE-2019-11040
-
The product reads data past the end, or before the beginning, of the intended buffer.Assigned by:
- nvd@nist.gov (Primary)
- security@php.net (Secondary)
References for CVE-2019-11040
-
https://bugs.php.net/bug.php?id=77988
PHP :: Sec Bug #77988 :: heap-buffer-overflow on php_jpg_get16Exploit;Mailing List;Vendor Advisory
-
https://access.redhat.com/errata/RHSA-2019:3299
RHSA-2019:3299 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://seclists.org/bugtraq/2019/Sep/38
Bugtraq: [SECURITY] [DSA 4529-1] php7.0 security updateMailing List;Third Party Advisory
-
https://www.debian.org/security/2019/dsa-4529
Debian -- Security Information -- DSA-4529-1 php7.0Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:2519
RHSA-2019:2519 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://seclists.org/bugtraq/2019/Sep/35
Bugtraq: [SECURITY] [DSA 4527-1] php7.3 security updateMailing List;Third Party Advisory
-
https://www.debian.org/security/2019/dsa-4527
Debian -- Security Information -- DSA-4527-1 php7.3Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00029.html
[security-announce] openSUSE-SU-2019:1778-1: moderate: Security update fMailing List;Third Party Advisory
Jump to