CVE-2019-11038

Опубликовано: 19 июн. 2019

Источник: nvd

CVSS3: 3.1

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code.

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.html
Mailing List
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2519
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3299
Third Party Advisory
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929821
Mailing List
Third Party Advisory
https://bugs.php.net/bug.php?id=77973
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1724149
Exploit
Issue Tracking
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1724432
Exploit
Issue Tracking
Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1140118
Exploit
Issue Tracking
Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1140120
Exploit
Issue Tracking
Third Party Advisory
https://github.com/libgd/libgd/issues/501
Exploit
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/06/msg00003.html
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKSSWFR2WPMUOIB5EN5ZM252NNEPYUTG/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WAZBVK6XNYEIN7RDQXESSD63QHXPLKWL/
https://seclists.org/bugtraq/2019/Sep/38
Mailing List
Third Party Advisory
https://usn.ubuntu.com/4316-1/
Third Party Advisory
https://usn.ubuntu.com/4316-2/
Third Party Advisory
https://www.debian.org/security/2019/dsa-4529
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.html
Mailing List
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2519
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:libgd:libgd:2.2.5:*:*:*:*:*:*:*

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

Версия от 7.1.0 (включая) до 7.1.30 (исключая)

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

Версия от 7.2.0 (включая) до 7.2.19 (исключая)

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

Версия от 7.3.0 (включая) до 7.3.6 (исключая)

Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Конфигурация 4

Одно из

cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*

Конфигурация 5

Одно из

cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_desktop:12:sp4:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp4:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp5:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp4:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp5:*:*:*:*:*:*

Конфигурация 6

Одно из

cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.09212

Низкий

3.1 Low

CVSS3

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-457

CWE-908

Связанные уязвимости

CVE-2019-11038

CVSS3: 5.3

ubuntu

около 6 лет назад

CVE-2019-11038

CVSS3: 3.3

redhat

около 6 лет назад

CVE-2019-11038

CVSS3: 5.3

debian

около 6 лет назад

When using the gdImageCreateFromXbm() function in the GD Graphics Libr ...

GHSA-8v67-h8jw-j3r2

CVSS3: 5.3

github

около 3 лет назад

When using gdImageCreateFromXbm() function of gd extension in versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code.

BDU:2020-01676

CVSS3: 7.5

fstec

около 6 лет назад

Уязвимость функции gdImageCreateFromXbm графической библиотеке GD интерпретатора языка программирования PHP, связанная с недостатком механизма проверки вводимых данных, позволяющая нарушителю получить несанкционированный доступ к информации

EPSS

Процентиль: 92%

0.09212

Низкий

3.1 Low

CVSS3

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-457

CWE-908