CVE-2019-11045

Exploit

EPSS 35.84%
Veröffentlicht 23.12.2019 03:15:11
Zuletzt bearbeitet 21.11.2024 04:20:26
Quelle security@php.net
Teams Watchlist Login
Unerledigt Login

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 2 Referenzen 16

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Php ≫ Php Version >= 7.2.0 <= 7.2.26

Php ≫ Php Version >= 7.3.0 <= 7.3.13

Php ≫ Php Version7.4.0

Fedoraproject ≫ Fedora Version30

Fedoraproject ≫ Fedora Version31

Debian ≫ Debian Linux Version8.0

Debian ≫ Debian Linux Version9.0

Debian ≫ Debian Linux Version10.0

Opensuse ≫ Leap Version15.1

Canonical ≫ Ubuntu Linux Version12.04 SwEdition-

Canonical ≫ Ubuntu Linux Version14.04 SwEditionesm

Canonical ≫ Ubuntu Linux Version16.04 SwEditionesm

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Ubuntu Linux Version19.04

Canonical ≫ Ubuntu Linux Version19.10

Tenable ≫ Securitycenter Version < 5.19.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	35.84%	0.97

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N
security@php.net	3.7	2.2	1.4	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-170 Improper Null Termination

The product does not terminate or incorrectly terminates a string or array with a null character or equivalent terminator.

CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

https://www.tenable.com/security/tns-2021-14

Third Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/

https://security.netapp.com/advisory/ntap-20200103-0002/

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00036.html

Third Party Advisory

Mailing List

https://bugs.php.net/bug.php?id=78863

Patch

Vendor Advisory