9.8

CVE-2019-11049

In PHP versions 7.3.x below 7.3.13 and 7.4.0 on Windows, when supplying custom headers to mail() function, due to mistake introduced in commit 78f4b4a2dcf92ddbccea1bb95f8390a18ac3342e, if the header is supplied in lowercase, this can result in double-freeing certain memory locations.

Data is provided by the National Vulnerability Database (NVD)
PhpPhp Version >= 7.3.0 <= 7.3.13
   MicrosoftWindows Version-
PhpPhp Version7.4.0
   MicrosoftWindows Version-
FedoraprojectFedora Version30
FedoraprojectFedora Version31
DebianDebian Linux Version10.0
TenableSecuritycenter Version < 5.19.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 3.25% 0.866
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
security@php.net 6.5 2.2 4.2
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
CWE-415 Double Free

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

https://seclists.org/bugtraq/2020/Feb/27
Third Party Advisory
Mailing List
https://bugs.php.net/bug.php?id=78943
Patch
Vendor Advisory
Mailing List