CVE-2019-11039
Out-of-bounds read in iconv.c
Summary
- Public Exploits: 1
- Exploited in Wild: -
- Decision: -
Descriptions
Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.
It was discovered that PHP incorrectly handled certain EXIF tags in images. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. It was discovered that PHP incorrectly decoded certain MIME headers. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. Various other issues were also addressed.
CVSS Scores
SSVC
- Decision: -
Timeline
- 2019-04-09 CVE Reserved
- 2019-06-05 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-17 First Exploit
- 2025-03-30 EPSS Updated
- Exploited in Wild: -
- KEV Due Date: -
CWE
- CWE-125: Out-of-bounds Read
- CWE-190: Integer Overflow or Wraparound
CAPEC
References (10)
URL | Tag | Date |
---|---|---|
https://seclists.org/bugtraq/2019/Sep/35 | Mailing List | - |
https://seclists.org/bugtraq/2019/Sep/38 | Mailing List | - |
https://bugs.php.net/bug.php?id=78069 | - | 2024-09-17 |
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00029.html | - | 2020-10-16 |
https://access.redhat.com/errata/RHSA-2019:2519 | - | 2020-10-16 |
https://access.redhat.com/errata/RHSA-2019:3299 | - | 2020-10-16 |
https://www.debian.org/security/2019/dsa-4527 | - | 2020-10-16 |
https://www.debian.org/security/2019/dsa-4529 | - | 2020-10-16 |
https://access.redhat.com/security/cve/CVE-2019-11039 | - | 2020-09-08 |
https://bugzilla.redhat.com/show_bug.cgi?id=1724152 | - | 2020-09-08 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Php | Php | >= 7.1.0 < 7.1.30 | - | Affected |
Php | Php | >= 7.2.0 < 7.2.19 | - | Affected |
Php | Php | >= 7.3.0 < 7.3.6 | - | Affected |
Redhat | Software Collections | 1.0 | - | Affected |
Opensuse | Leap | 15.0 | - | Affected |
Opensuse | Leap | 15.1 | - | Affected |
Debian | Debian Linux | 9.0 | - | Affected |
Debian | Debian Linux | 10.0 | - | Affected |