php
Opgelost in
7.2.26
7.3.13
7.4.1
CVE-2019-11047 describes a buffer overflow vulnerability within the PHP EXIF extension. This flaw arises when processing EXIF data from images using the exifreaddata() function. Successful exploitation can result in information disclosure or a denial-of-service crash. The vulnerability affects PHP versions 7.2.0 through 7.2.25, 7.3.0 through 7.3.12, and 7.4.0. A fix is available in PHP 7.4.1.
An attacker could exploit this vulnerability by crafting a malicious image file containing specially crafted EXIF data. When the PHP application processes this image using exifreaddata(), the buffer overflow occurs, potentially allowing the attacker to read sensitive information from memory. This could include configuration files, database credentials, or other confidential data. In a worst-case scenario, the overflow could lead to arbitrary code execution, granting the attacker complete control over the affected server. The impact is particularly severe for web applications that heavily rely on image processing and EXIF data extraction, such as photo galleries, image editing tools, and content management systems.
CVE-2019-11047 was published on December 23, 2019. While no widespread active exploitation campaigns have been publicly reported, the vulnerability's potential for information disclosure and denial-of-service makes it a worthwhile target for attackers. Public proof-of-concept (POC) exploits are available, demonstrating the feasibility of exploitation. The vulnerability is not currently listed on CISA KEV, but its medium severity warrants attention, especially for systems running older, unpatched PHP versions.
Exploit Status
EPSS
3.20% (87% percentiel)
CVSS-vector
The primary mitigation for CVE-2019-11047 is to upgrade to a patched version of PHP, specifically 7.4.1 or later. If upgrading immediately is not feasible, consider implementing a temporary workaround by validating and sanitizing EXIF data before processing it with exifreaddata(). This could involve limiting the size of EXIF data read or stripping potentially malicious tags. Web application firewalls (WAFs) can be configured to detect and block requests containing suspicious EXIF data. Monitor PHP error logs for any crashes or unexpected behavior related to EXIF processing, which could indicate an attempted exploitation. After upgrading, confirm the fix by attempting to process a known malicious EXIF file and verifying that the application does not crash or disclose sensitive information.
Actualice a la última versión de PHP. Si está utilizando PHP 7.2.x, actualice a la versión 7.2.26 o superior. Si está utilizando PHP 7.3.x, actualice a la versión 7.3.13 o superior. Si está utilizando PHP 7.4.0, actualice a la versión 7.4.1 o superior.
Kwetsbaarheidsanalyses en kritieke waarschuwingen direct in uw inbox.
CVE-2019-11047 is a medium-severity buffer overflow vulnerability in the PHP EXIF extension affecting versions 7.2.0–7.4.1. It allows attackers to potentially read sensitive information or cause a crash by crafting malicious image files.
You are affected if you are running PHP versions 7.2.0–7.2.25, 7.3.0–7.3.12, or 7.4.0 and process images using the EXIF extension.
Upgrade to PHP 7.4.1 or later to resolve the vulnerability. As a temporary workaround, validate and sanitize EXIF data before processing.
While no widespread active exploitation campaigns have been publicly reported, the vulnerability is considered exploitable and a potential target for attackers.
Refer to the official PHP security advisory: https://security.php.net/CVE-2019-11047
Upload je dependency-bestand en kom direct te weten of deze en andere CVEs jou raken.