CVE-2019-11038
Vulnerability from cvelistv5
Published
2019-06-18 23:28
Modified
2024-09-16 21:04
Summary
When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code.
References
security@php.nethttp://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.htmlMailing List, Third Party Advisory
security@php.nethttps://access.redhat.com/errata/RHSA-2019:2519Third Party Advisory
security@php.nethttps://access.redhat.com/errata/RHSA-2019:3299Third Party Advisory
security@php.nethttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929821Mailing List, Third Party Advisory
security@php.nethttps://bugs.php.net/bug.php?id=77973Vendor Advisory
security@php.nethttps://bugzilla.redhat.com/show_bug.cgi?id=1724149Exploit, Issue Tracking, Third Party Advisory
security@php.nethttps://bugzilla.redhat.com/show_bug.cgi?id=1724432Exploit, Issue Tracking, Third Party Advisory
security@php.nethttps://bugzilla.suse.com/show_bug.cgi?id=1140118Exploit, Issue Tracking, Third Party Advisory
security@php.nethttps://bugzilla.suse.com/show_bug.cgi?id=1140120Exploit, Issue Tracking, Third Party Advisory
security@php.nethttps://github.com/libgd/libgd/issues/501Exploit, Third Party Advisory
security@php.nethttps://lists.debian.org/debian-lts-announce/2019/06/msg00003.htmlMailing List, Third Party Advisory
security@php.nethttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/
security@php.nethttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKSSWFR2WPMUOIB5EN5ZM252NNEPYUTG/
security@php.nethttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WAZBVK6XNYEIN7RDQXESSD63QHXPLKWL/
security@php.nethttps://seclists.org/bugtraq/2019/Sep/38Mailing List, Third Party Advisory
security@php.nethttps://usn.ubuntu.com/4316-1/Third Party Advisory
security@php.nethttps://usn.ubuntu.com/4316-2/Third Party Advisory
security@php.nethttps://www.debian.org/security/2019/dsa-4529Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2019:2519Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2019:3299Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929821Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugs.php.net/bug.php?id=77973Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=1724149Exploit, Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=1724432Exploit, Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.suse.com/show_bug.cgi?id=1140118Exploit, Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.suse.com/show_bug.cgi?id=1140120Exploit, Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/libgd/libgd/issues/501Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2019/06/msg00003.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKSSWFR2WPMUOIB5EN5ZM252NNEPYUTG/
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WAZBVK6XNYEIN7RDQXESSD63QHXPLKWL/
af854a3a-2127-422b-91ae-364da2661108https://seclists.org/bugtraq/2019/Sep/38Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4316-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4316-2/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2019/dsa-4529Third Party Advisory
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:15.995Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2019-be4f895015",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKSSWFR2WPMUOIB5EN5ZM252NNEPYUTG/"
          },
          {
            "name": "FEDORA-2019-8c4b25b5ec",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WAZBVK6XNYEIN7RDQXESSD63QHXPLKWL/"
          },
          {
            "name": "[debian-lts-announce] 20190611 [SECURITY] [DLA 1817-1] libgd2 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00003.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.php.net/bug.php?id=77973"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/libgd/libgd/issues/501"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929821"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1140118"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1140120"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724149"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724432"
          },
          {
            "name": "RHSA-2019:2519",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2519"
          },
          {
            "name": "DSA-4529",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2019/dsa-4529"
          },
          {
            "name": "20190923 [SECURITY] [DSA 4529-1] php7.0 security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Sep/38"
          },
          {
            "name": "RHSA-2019:3299",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:3299"
          },
          {
            "name": "openSUSE-SU-2020:0332",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.html"
          },
          {
            "name": "FEDORA-2020-e795f92d79",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/"
          },
          {
            "name": "USN-4316-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4316-2/"
          },
          {
            "name": "USN-4316-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4316-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PHP",
          "vendor": "PHP Group",
          "versions": [
            {
              "status": "affected",
              "version": "7.1.x \u003c 7.1.30"
            },
            {
              "status": "affected",
              "version": "7.2.x \u003c 7.2.19"
            },
            {
              "status": "affected",
              "version": "7.3.x \u003c 7.3.6"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "The code has to enable gd extension and use gdImageCreateFromXbm() on externally controlled data to be vulnerable."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "By chamal dot desilva at gmail dot com"
        }
      ],
      "datePublic": "2019-05-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-457",
              "description": "CWE-457: Use of Uninitialized Variable",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-08T01:06:06",
        "orgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b",
        "shortName": "php"
      },
      "references": [
        {
          "name": "FEDORA-2019-be4f895015",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKSSWFR2WPMUOIB5EN5ZM252NNEPYUTG/"
        },
        {
          "name": "FEDORA-2019-8c4b25b5ec",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WAZBVK6XNYEIN7RDQXESSD63QHXPLKWL/"
        },
        {
          "name": "[debian-lts-announce] 20190611 [SECURITY] [DLA 1817-1] libgd2 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00003.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.php.net/bug.php?id=77973"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/libgd/libgd/issues/501"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929821"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1140118"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1140120"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724149"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724432"
        },
        {
          "name": "RHSA-2019:2519",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2519"
        },
        {
          "name": "DSA-4529",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2019/dsa-4529"
        },
        {
          "name": "20190923 [SECURITY] [DSA 4529-1] php7.0 security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Sep/38"
        },
        {
          "name": "RHSA-2019:3299",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:3299"
        },
        {
          "name": "openSUSE-SU-2020:0332",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.html"
        },
        {
          "name": "FEDORA-2020-e795f92d79",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/"
        },
        {
          "name": "USN-4316-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4316-2/"
        },
        {
          "name": "USN-4316-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4316-1/"
        }
      ],
      "source": {
        "defect": [
          "https://bugs.php.net/bug.php?id=77973"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Uninitialized read in gdImageCreateFromXbm",
      "x_generator": {
        "engine": "Vulnogram 0.0.7"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "AKA": "",
          "ASSIGNER": "security@php.net",
          "DATE_PUBLIC": "2019-05-28T06:49:00.000Z",
          "ID": "CVE-2019-11038",
          "STATE": "PUBLIC",
          "TITLE": "Uninitialized read in gdImageCreateFromXbm"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PHP",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.1.x \u003c 7.1.30"
                          },
                          {
                            "version_value": "7.2.x \u003c 7.2.19"
                          },
                          {
                            "version_value": "7.3.x \u003c 7.3.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "PHP Group"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "The code has to enable gd extension and use gdImageCreateFromXbm() on externally controlled data to be vulnerable."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "By chamal dot desilva at gmail dot com"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code."
            }
          ]
        },
        "exploit": [],
        "generator": {
          "engine": "Vulnogram 0.0.7"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-457: Use of Uninitialized Variable"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "FEDORA-2019-be4f895015",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKSSWFR2WPMUOIB5EN5ZM252NNEPYUTG/"
            },
            {
              "name": "FEDORA-2019-8c4b25b5ec",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WAZBVK6XNYEIN7RDQXESSD63QHXPLKWL/"
            },
            {
              "name": "[debian-lts-announce] 20190611 [SECURITY] [DLA 1817-1] libgd2 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00003.html"
            },
            {
              "name": "https://bugs.php.net/bug.php?id=77973",
              "refsource": "CONFIRM",
              "url": "https://bugs.php.net/bug.php?id=77973"
            },
            {
              "name": "https://github.com/libgd/libgd/issues/501",
              "refsource": "CONFIRM",
              "url": "https://github.com/libgd/libgd/issues/501"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929821",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929821"
            },
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1140118",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1140118"
            },
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1140120",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1140120"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1724149",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724149"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1724432",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724432"
            },
            {
              "name": "RHSA-2019:2519",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2519"
            },
            {
              "name": "DSA-4529",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2019/dsa-4529"
            },
            {
              "name": "20190923 [SECURITY] [DSA 4529-1] php7.0 security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Sep/38"
            },
            {
              "name": "RHSA-2019:3299",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:3299"
            },
            {
              "name": "openSUSE-SU-2020:0332",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.html"
            },
            {
              "name": "FEDORA-2020-e795f92d79",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/"
            },
            {
              "name": "USN-4316-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4316-2/"
            },
            {
              "name": "USN-4316-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4316-1/"
            }
          ]
        },
        "solution": [],
        "source": {
          "advisory": "",
          "defect": [
            "https://bugs.php.net/bug.php?id=77973"
          ],
          "discovery": "EXTERNAL"
        },
        "work_around": []
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b",
    "assignerShortName": "php",
    "cveId": "CVE-2019-11038",
    "datePublished": "2019-06-18T23:28:28.236592Z",
    "dateReserved": "2019-04-09T00:00:00",
    "dateUpdated": "2024-09-16T21:04:15.889Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-11038\",\"sourceIdentifier\":\"security@php.net\",\"published\":\"2019-06-19T00:15:12.360\",\"lastModified\":\"2024-11-21T04:20:25.263\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code.\"},{\"lang\":\"es\",\"value\":\"Cuando se usa la funci\u00f3n gdImageCreateFromXbm () en la Biblioteca de gr\u00e1ficos GD (tambi\u00e9n conocida como LibGD) 2.2.5, como se usa en la extensi\u00f3n PHP GD en las versiones de PHP 7.1.x debajo de 7.1.30, 7.2.x debajo de 7.2.19 y 7.3.x debajo 7.3.6, es posible suministrar datos que har\u00e1n que la funci\u00f3n use el valor de la variable no inicializada. Esto puede llevar a revelar el contenido de la pila que ha quedado all\u00ed por c\u00f3digo anterior.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV30\":[{\"source\":\"security@php.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N\",\"baseScore\":3.1,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security@php.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-457\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-908\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libgd:libgd:2.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C257CC1C-BF6A-4125-AA61-9C2D09096084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.1.0\",\"versionEndExcluding\":\"7.1.30\",\"matchCriteriaId\":\"56CFABDE-1BA0-42D1-B38E-A08F27B2BF16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2.0\",\"versionEndExcluding\":\"7.2.19\",\"matchCriteriaId\":\"2537B4A2-025F-4641-AFCF-82E492378C12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.3.0\",\"versionEndExcluding\":\"7.3.6\",\"matchCriteriaId\":\"B91B8478-BF61-468E-A7CC-5F418DDF2EB6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"815D70A8-47D3-459C-A32C-9FEACA0659D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A31C8344-3E02-4EB8-8BD8-4C84B7959624\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D100F7CE-FC64-4CC6-852A-6136D72DA419\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97A4B8DF-58DA-4AB6-A1F9-331B36409BA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36D96259-24BD-44E2-96D9-78CE1D41F956\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"F892F1B0-514C-42F7-90AE-12ACDFDC1033\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:12:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"55242557-663C-4870-A439-4C8FEEB69E7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"55E8AB88-2347-497B-91DE-AF64E08ED8F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"29AE5751-3EA5-4056-8E79-16D8DCD248EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"227AB4E0-7CD4-4094-BAA4-E98DC5279C97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C734CEC-64F2-4129-B52E-C81884B3AC9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"282B31FD-C5BB-4D81-9F74-6670B42551D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"243B9B56-C744-4C1C-B42E-158C1B041B6A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D7EE4B6-A6EC-4B9B-91DF-79615796673F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.html\",\"source\":\"security@php.net\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2519\",\"source\":\"security@php.net\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3299\",\"source\":\"security@php.net\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929821\",\"source\":\"security@php.net\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://bugs.php.net/bug.php?id=77973\",\"source\":\"security@php.net\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1724149\",\"source\":\"security@php.net\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1724432\",\"source\":\"security@php.net\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1140118\",\"source\":\"security@php.net\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1140120\",\"source\":\"security@php.net\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/libgd/libgd/issues/501\",\"source\":\"security@php.net\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/06/msg00003.html\",\"source\":\"security@php.net\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/\",\"source\":\"security@php.net\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKSSWFR2WPMUOIB5EN5ZM252NNEPYUTG/\",\"source\":\"security@php.net\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WAZBVK6XNYEIN7RDQXESSD63QHXPLKWL/\",\"source\":\"security@php.net\"},{\"url\":\"https://seclists.org/bugtraq/2019/Sep/38\",\"source\":\"security@php.net\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4316-1/\",\"source\":\"security@php.net\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4316-2/\",\"source\":\"security@php.net\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4529\",\"source\":\"security@php.net\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2519\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3299\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929821\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://bugs.php.net/bug.php?id=77973\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1724149\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1724432\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1140118\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1140120\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/libgd/libgd/issues/501\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/06/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKSSWFR2WPMUOIB5EN5ZM252NNEPYUTG/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WAZBVK6XNYEIN7RDQXESSD63QHXPLKWL/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://seclists.org/bugtraq/2019/Sep/38\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4316-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4316-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4529\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.