{"containers":{"cna":{"affected":[{"product":"PHP","vendor":"PHP Group","versions":[{"lessThan":"7.2.26","status":"affected","version":"7.2.x","versionType":"custom"},{"lessThan":"7.3.13","status":"affected","version":"7.3.x","versionType":"custom"},{"lessThan":"7.4.1","status":"affected","version":"7.4.x","versionType":"custom"}]}],"credits":[{"lang":"en","value":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19044"}],"datePublic":"2019-12-17T00:00:00.000Z","descriptions":[{"lang":"en","value":"When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"LOW","baseScore":4.8,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-125","description":"CWE-125 Out-of-bounds Read","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2021-07-22T17:07:26.000Z","orgId":"dd77f84a-d19a-4638-8c3d-a322d820ed2b","shortName":"php"},"references":[{"tags":["x_refsource_MISC"],"url":"https://bugs.php.net/bug.php?id=78910"},{"name":"[debian-lts-announce] 20191229 [SECURITY] [DLA 2050-1] php5 security update","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.debian.org/debian-lts-announce/2019/12/msg00034.html"},{"tags":["x_refsource_CONFIRM"],"url":"https://security.netapp.com/advisory/ntap-20200103-0002/"},{"name":"FEDORA-2019-437d94e271","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/"},{"name":"FEDORA-2019-a54a622670","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/"},{"name":"USN-4239-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://usn.ubuntu.com/4239-1/"},{"name":"openSUSE-SU-2020:0080","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00036.html"},{"name":"20200218 [SECURITY] [DSA 4626-1] php7.3 security update","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"https://seclists.org/bugtraq/2020/Feb/27"},{"name":"DSA-4626","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"https://www.debian.org/security/2020/dsa-4626"},{"name":"DSA-4628","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"https://www.debian.org/security/2020/dsa-4628"},{"name":"20200219 [SECURITY] [DSA 4628-1] php7.0 security update","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"https://seclists.org/bugtraq/2020/Feb/31"},{"name":"20210116 Re: [SECURITY] [DSA 4628-1] php7.0 security update","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"https://seclists.org/bugtraq/2021/Jan/3"},{"tags":["x_refsource_CONFIRM"],"url":"https://www.tenable.com/security/tns-2021-14"}],"source":{"defect":["https://bugs.php.net/bug.php?id=78910"],"discovery":"INTERNAL"},"title":"Heap-buffer-overflow READ in exif","x_generator":{"engine":"Vulnogram 0.0.9"},"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"security@php.net","DATE_PUBLIC":"2019-12-17T03:02:00.000Z","ID":"CVE-2019-11047","STATE":"PUBLIC","TITLE":"Heap-buffer-overflow READ in exif"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"PHP","version":{"version_data":[{"version_affected":"<","version_name":"7.2.x","version_value":"7.2.26"},{"version_affected":"<","version_name":"7.3.x","version_value":"7.3.13"},{"version_affected":"<","version_name":"7.4.x","version_value":"7.4.1"}]}}]},"vendor_name":"PHP Group"}]}},"credit":[{"lang":"eng","value":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19044"}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"LOW","baseScore":4.8,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-125 Out-of-bounds Read"}]}]},"references":{"reference_data":[{"name":"https://bugs.php.net/bug.php?id=78910","refsource":"MISC","url":"https://bugs.php.net/bug.php?id=78910"},{"name":"[debian-lts-announce] 20191229 [SECURITY] [DLA 2050-1] php5 security update","refsource":"MLIST","url":"https://lists.debian.org/debian-lts-announce/2019/12/msg00034.html"},{"name":"https://security.netapp.com/advisory/ntap-20200103-0002/","refsource":"CONFIRM","url":"https://security.netapp.com/advisory/ntap-20200103-0002/"},{"name":"FEDORA-2019-437d94e271","refsource":"FEDORA","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/"},{"name":"FEDORA-2019-a54a622670","refsource":"FEDORA","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/"},{"name":"USN-4239-1","refsource":"UBUNTU","url":"https://usn.ubuntu.com/4239-1/"},{"name":"openSUSE-SU-2020:0080","refsource":"SUSE","url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00036.html"},{"name":"20200218 [SECURITY] [DSA 4626-1] php7.3 security update","refsource":"BUGTRAQ","url":"https://seclists.org/bugtraq/2020/Feb/27"},{"name":"DSA-4626","refsource":"DEBIAN","url":"https://www.debian.org/security/2020/dsa-4626"},{"name":"DSA-4628","refsource":"DEBIAN","url":"https://www.debian.org/security/2020/dsa-4628"},{"name":"20200219 [SECURITY] [DSA 4628-1] php7.0 security update","refsource":"BUGTRAQ","url":"https://seclists.org/bugtraq/2020/Feb/31"},{"name":"20210116 Re: [SECURITY] [DSA 4628-1] php7.0 security update","refsource":"BUGTRAQ","url":"https://seclists.org/bugtraq/2021/Jan/3"},{"name":"https://www.tenable.com/security/tns-2021-14","refsource":"CONFIRM","url":"https://www.tenable.com/security/tns-2021-14"}]},"source":{"defect":["https://bugs.php.net/bug.php?id=78910"],"discovery":"INTERNAL"}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T22:40:16.115Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://bugs.php.net/bug.php?id=78910"},{"name":"[debian-lts-announce] 20191229 [SECURITY] [DLA 2050-1] php5 security update","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2019/12/msg00034.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://security.netapp.com/advisory/ntap-20200103-0002/"},{"name":"FEDORA-2019-437d94e271","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/"},{"name":"FEDORA-2019-a54a622670","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/"},{"name":"USN-4239-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://usn.ubuntu.com/4239-1/"},{"name":"openSUSE-SU-2020:0080","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00036.html"},{"name":"20200218 [SECURITY] [DSA 4626-1] php7.3 security update","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"https://seclists.org/bugtraq/2020/Feb/27"},{"name":"DSA-4626","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"https://www.debian.org/security/2020/dsa-4626"},{"name":"DSA-4628","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"https://www.debian.org/security/2020/dsa-4628"},{"name":"20200219 [SECURITY] [DSA 4628-1] php7.0 security update","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"https://seclists.org/bugtraq/2020/Feb/31"},{"name":"20210116 Re: [SECURITY] [DSA 4628-1] php7.0 security update","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"https://seclists.org/bugtraq/2021/Jan/3"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.tenable.com/security/tns-2021-14"}]}]},"cveMetadata":{"assignerOrgId":"dd77f84a-d19a-4638-8c3d-a322d820ed2b","assignerShortName":"php","cveId":"CVE-2019-11047","datePublished":"2019-12-23T02:40:17.978Z","dateReserved":"2019-04-09T00:00:00.000Z","dateUpdated":"2024-09-17T04:24:19.473Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}