When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:N/A:P
Vendors Products
Opensuse
  • Leap
Canonical
  • Ubuntu Linux
Redhat
  • Software Collections
Netapp
  • Storage Automation Store
Debian
  • Debian Linux
Php
  • Php

Configuration 1 [-]

OR cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*

Configuration 4 [-]

cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*

Configuration 5 [-]

OR cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*

Configuration 6 [-]

OR cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
References
Link Resource
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00010.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html Mailing List Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2519 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3299 Third Party Advisory
https://bugs.php.net/bug.php?id=77831 Exploit Mailing List Vendor Advisory
https://lists.debian.org/debian-lts-announce/2019/05/msg00035.html Mailing List Third Party Advisory
https://seclists.org/bugtraq/2019/Sep/38 Mailing List Third Party Advisory
https://security.netapp.com/advisory/ntap-20190502-0001/ Patch Third Party Advisory
https://support.f5.com/csp/article/K44590877 Third Party Advisory
https://usn.ubuntu.com/3953-1/ Third Party Advisory
https://usn.ubuntu.com/3953-2/ Third Party Advisory
https://www.debian.org/security/2019/dsa-4529 Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: php

Published: 2019-04-01T00:00:00

Updated: 2019-11-01T15:06:28

Reserved: 2019-04-09T00:00:00

Link: CVE-2019-11035

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2019-04-18T17:29:00.947

Modified: 2020-10-02T13:13:39.757

Link: CVE-2019-11035

JSON object: View

cve-icon Redhat Information

No data.

CWE