Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2019-11047

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.032
EPSS Ranking 86.4%
CVSS Severity
CVSS v3 Score 4.8
CVSS v2 Score 6.4
References
Products affected by CVE-2019-11047
  • Php » Php » Version: 7.2.0
    cpe:2.3:a:php:php:7.2.0
  • Php » Php » Version: 7.2.1
    cpe:2.3:a:php:php:7.2.1
  • Php » Php » Version: 7.2.10
    cpe:2.3:a:php:php:7.2.10
  • Php » Php » Version: 7.2.11
    cpe:2.3:a:php:php:7.2.11
  • Php » Php » Version: 7.2.12
    cpe:2.3:a:php:php:7.2.12
  • Php » Php » Version: 7.2.13
    cpe:2.3:a:php:php:7.2.13
  • Php » Php » Version: 7.2.14
    cpe:2.3:a:php:php:7.2.14
  • Php » Php » Version: 7.2.15
    cpe:2.3:a:php:php:7.2.15
  • Php » Php » Version: 7.2.16
    cpe:2.3:a:php:php:7.2.16
  • Php » Php » Version: 7.2.17
    cpe:2.3:a:php:php:7.2.17
  • Php » Php » Version: 7.2.18
    cpe:2.3:a:php:php:7.2.18
  • Php » Php » Version: 7.2.19
    cpe:2.3:a:php:php:7.2.19
  • Php » Php » Version: 7.2.2
    cpe:2.3:a:php:php:7.2.2
  • Php » Php » Version: 7.2.20
    cpe:2.3:a:php:php:7.2.20
  • Php » Php » Version: 7.2.21
    cpe:2.3:a:php:php:7.2.21
  • Php » Php » Version: 7.2.22
    cpe:2.3:a:php:php:7.2.22
  • Php » Php » Version: 7.2.23
    cpe:2.3:a:php:php:7.2.23
  • Php » Php » Version: 7.2.24
    cpe:2.3:a:php:php:7.2.24
  • Php » Php » Version: 7.2.25
    cpe:2.3:a:php:php:7.2.25
  • Php » Php » Version: 7.2.3
    cpe:2.3:a:php:php:7.2.3
  • Php » Php » Version: 7.2.4
    cpe:2.3:a:php:php:7.2.4
  • Php » Php » Version: 7.2.5
    cpe:2.3:a:php:php:7.2.5
  • Php » Php » Version: 7.2.6
    cpe:2.3:a:php:php:7.2.6
  • Php » Php » Version: 7.2.7
    cpe:2.3:a:php:php:7.2.7
  • Php » Php » Version: 7.2.8
    cpe:2.3:a:php:php:7.2.8
  • Php » Php » Version: 7.2.9
    cpe:2.3:a:php:php:7.2.9
  • Php » Php » Version: 7.3.0
    cpe:2.3:a:php:php:7.3.0
  • Php » Php » Version: 7.3.1
    cpe:2.3:a:php:php:7.3.1
  • Php » Php » Version: 7.3.10
    cpe:2.3:a:php:php:7.3.10
  • Php » Php » Version: 7.3.11
    cpe:2.3:a:php:php:7.3.11
  • Php » Php » Version: 7.3.12
    cpe:2.3:a:php:php:7.3.12
  • Php » Php » Version: 7.3.2
    cpe:2.3:a:php:php:7.3.2
  • Php » Php » Version: 7.3.3
    cpe:2.3:a:php:php:7.3.3
  • Php » Php » Version: 7.3.4
    cpe:2.3:a:php:php:7.3.4
  • Php » Php » Version: 7.3.5
    cpe:2.3:a:php:php:7.3.5
  • Php » Php » Version: 7.3.6
    cpe:2.3:a:php:php:7.3.6
  • Php » Php » Version: 7.3.7
    cpe:2.3:a:php:php:7.3.7
  • Php » Php » Version: 7.3.8
    cpe:2.3:a:php:php:7.3.8
  • Php » Php » Version: 7.3.9
    cpe:2.3:a:php:php:7.3.9
  • Php » Php » Version: 7.4.0
    cpe:2.3:a:php:php:7.4.0
  • Canonical » Ubuntu Linux » Version: 12.04
    cpe:2.3:o:canonical:ubuntu_linux:12.04
  • Canonical » Ubuntu Linux » Version: 14.04
    cpe:2.3:o:canonical:ubuntu_linux:14.04
  • Canonical » Ubuntu Linux » Version: 16.04
    cpe:2.3:o:canonical:ubuntu_linux:16.04
  • Canonical » Ubuntu Linux » Version: 18.04
    cpe:2.3:o:canonical:ubuntu_linux:18.04
  • Canonical » Ubuntu Linux » Version: 19.04
    cpe:2.3:o:canonical:ubuntu_linux:19.04
  • Canonical » Ubuntu Linux » Version: 19.10
    cpe:2.3:o:canonical:ubuntu_linux:19.10
  • Debian » Debian Linux » Version: 10.0
    cpe:2.3:o:debian:debian_linux:10.0
  • Debian » Debian Linux » Version: 8.0
    cpe:2.3:o:debian:debian_linux:8.0
  • Debian » Debian Linux » Version: 9.0
    cpe:2.3:o:debian:debian_linux:9.0
  • Fedoraproject » Fedora » Version: 30
    cpe:2.3:o:fedoraproject:fedora:30
  • Fedoraproject » Fedora » Version: 31
    cpe:2.3:o:fedoraproject:fedora:31


Contact Us

Shodan ® - All rights reserved