{"containers":{"cna":{"affected":[{"product":"PHP","vendor":"PHP Group","versions":[{"status":"affected","version":"7.1.x < 7.1.30"},{"status":"affected","version":"7.2.x < 7.2.19"},{"status":"affected","version":"7.3.x < 7.3.6"}]}],"configurations":[{"lang":"en","value":"The code has to enable gd extension and use gdImageCreateFromXbm() on externally controlled data to be vulnerable."}],"credits":[{"lang":"en","value":"By chamal dot desilva at gmail dot com"}],"datePublic":"2019-05-28T00:00:00.000Z","descriptions":[{"lang":"en","value":"When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code."}],"metrics":[{"cvssV3_0":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":3.1,"baseSeverity":"LOW","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N","version":"3.0"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-457","description":"CWE-457: Use of Uninitialized Variable","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2020-04-08T01:06:06.000Z","orgId":"dd77f84a-d19a-4638-8c3d-a322d820ed2b","shortName":"php"},"references":[{"name":"FEDORA-2019-be4f895015","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKSSWFR2WPMUOIB5EN5ZM252NNEPYUTG/"},{"name":"FEDORA-2019-8c4b25b5ec","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WAZBVK6XNYEIN7RDQXESSD63QHXPLKWL/"},{"name":"[debian-lts-announce] 20190611 [SECURITY] [DLA 1817-1] libgd2 security update","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00003.html"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugs.php.net/bug.php?id=77973"},{"tags":["x_refsource_CONFIRM"],"url":"https://github.com/libgd/libgd/issues/501"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929821"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1140118"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1140120"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1724149"},{"tags":["x_refsource_MISC"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1724432"},{"name":"RHSA-2019:2519","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2019:2519"},{"name":"DSA-4529","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"https://www.debian.org/security/2019/dsa-4529"},{"name":"20190923 [SECURITY] [DSA 4529-1] php7.0 security update","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"https://seclists.org/bugtraq/2019/Sep/38"},{"name":"RHSA-2019:3299","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2019:3299"},{"name":"openSUSE-SU-2020:0332","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.html"},{"name":"FEDORA-2020-e795f92d79","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/"},{"name":"USN-4316-2","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://usn.ubuntu.com/4316-2/"},{"name":"USN-4316-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://usn.ubuntu.com/4316-1/"}],"source":{"defect":["https://bugs.php.net/bug.php?id=77973"],"discovery":"EXTERNAL"},"title":"Uninitialized read in gdImageCreateFromXbm","x_generator":{"engine":"Vulnogram 0.0.7"},"x_legacyV4Record":{"CVE_data_meta":{"AKA":"","ASSIGNER":"security@php.net","DATE_PUBLIC":"2019-05-28T06:49:00.000Z","ID":"CVE-2019-11038","STATE":"PUBLIC","TITLE":"Uninitialized read in gdImageCreateFromXbm"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"PHP","version":{"version_data":[{"version_value":"7.1.x < 7.1.30"},{"version_value":"7.2.x < 7.2.19"},{"version_value":"7.3.x < 7.3.6"}]}}]},"vendor_name":"PHP Group"}]}},"configuration":[{"lang":"en","value":"The code has to enable gd extension and use gdImageCreateFromXbm() on externally controlled data to be vulnerable."}],"credit":[{"lang":"eng","value":"By chamal dot desilva at gmail dot com"}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code."}]},"exploit":[],"generator":{"engine":"Vulnogram 0.0.7"},"impact":{"cvss":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":3.1,"baseSeverity":"LOW","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N","version":"3.0"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-457: Use of Uninitialized Variable"}]}]},"references":{"reference_data":[{"name":"FEDORA-2019-be4f895015","refsource":"FEDORA","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKSSWFR2WPMUOIB5EN5ZM252NNEPYUTG/"},{"name":"FEDORA-2019-8c4b25b5ec","refsource":"FEDORA","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WAZBVK6XNYEIN7RDQXESSD63QHXPLKWL/"},{"name":"[debian-lts-announce] 20190611 [SECURITY] [DLA 1817-1] libgd2 security update","refsource":"MLIST","url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00003.html"},{"name":"https://bugs.php.net/bug.php?id=77973","refsource":"CONFIRM","url":"https://bugs.php.net/bug.php?id=77973"},{"name":"https://github.com/libgd/libgd/issues/501","refsource":"CONFIRM","url":"https://github.com/libgd/libgd/issues/501"},{"name":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929821","refsource":"CONFIRM","url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929821"},{"name":"https://bugzilla.suse.com/show_bug.cgi?id=1140118","refsource":"CONFIRM","url":"https://bugzilla.suse.com/show_bug.cgi?id=1140118"},{"name":"https://bugzilla.suse.com/show_bug.cgi?id=1140120","refsource":"CONFIRM","url":"https://bugzilla.suse.com/show_bug.cgi?id=1140120"},{"name":"https://bugzilla.redhat.com/show_bug.cgi?id=1724149","refsource":"CONFIRM","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1724149"},{"name":"https://bugzilla.redhat.com/show_bug.cgi?id=1724432","refsource":"MISC","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1724432"},{"name":"RHSA-2019:2519","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2019:2519"},{"name":"DSA-4529","refsource":"DEBIAN","url":"https://www.debian.org/security/2019/dsa-4529"},{"name":"20190923 [SECURITY] [DSA 4529-1] php7.0 security update","refsource":"BUGTRAQ","url":"https://seclists.org/bugtraq/2019/Sep/38"},{"name":"RHSA-2019:3299","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2019:3299"},{"name":"openSUSE-SU-2020:0332","refsource":"SUSE","url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.html"},{"name":"FEDORA-2020-e795f92d79","refsource":"FEDORA","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/"},{"name":"USN-4316-2","refsource":"UBUNTU","url":"https://usn.ubuntu.com/4316-2/"},{"name":"USN-4316-1","refsource":"UBUNTU","url":"https://usn.ubuntu.com/4316-1/"}]},"solution":[],"source":{"advisory":"","defect":["https://bugs.php.net/bug.php?id=77973"],"discovery":"EXTERNAL"},"work_around":[]}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T22:40:15.995Z"},"title":"CVE Program Container","references":[{"name":"FEDORA-2019-be4f895015","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKSSWFR2WPMUOIB5EN5ZM252NNEPYUTG/"},{"name":"FEDORA-2019-8c4b25b5ec","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WAZBVK6XNYEIN7RDQXESSD63QHXPLKWL/"},{"name":"[debian-lts-announce] 20190611 [SECURITY] [DLA 1817-1] libgd2 security update","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00003.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugs.php.net/bug.php?id=77973"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://github.com/libgd/libgd/issues/501"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929821"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1140118"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1140120"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1724149"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1724432"},{"name":"RHSA-2019:2519","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2019:2519"},{"name":"DSA-4529","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"https://www.debian.org/security/2019/dsa-4529"},{"name":"20190923 [SECURITY] [DSA 4529-1] php7.0 security update","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"https://seclists.org/bugtraq/2019/Sep/38"},{"name":"RHSA-2019:3299","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2019:3299"},{"name":"openSUSE-SU-2020:0332","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.html"},{"name":"FEDORA-2020-e795f92d79","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/"},{"name":"USN-4316-2","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://usn.ubuntu.com/4316-2/"},{"name":"USN-4316-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://usn.ubuntu.com/4316-1/"}]}]},"cveMetadata":{"assignerOrgId":"dd77f84a-d19a-4638-8c3d-a322d820ed2b","assignerShortName":"php","cveId":"CVE-2019-11038","datePublished":"2019-06-18T23:28:28.236Z","dateReserved":"2019-04-09T00:00:00.000Z","dateUpdated":"2024-09-16T21:04:15.889Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}