ID CVE-2018-10549
Summary An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exif_read_data in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exif_iif_add_value mishandles the case of a MakerNote that lacks a final '\0' character.
References
Vulnerable Configurations
  • PHP PHP
    cpe:2.3:a:php:php
  • PHP 0.1
    cpe:2.3:a:php:php:0.1
  • PHP 0.2
    cpe:2.3:a:php:php:0.2
  • PHP 0.2.1
    cpe:2.3:a:php:php:0.2.1
  • PHP 0.2.3
    cpe:2.3:a:php:php:0.2.3
  • PHP 0.3
    cpe:2.3:a:php:php:0.3
  • PHP 0.5
    cpe:2.3:a:php:php:0.5
  • PHP 0.5.3
    cpe:2.3:a:php:php:0.5.3
  • PHP 0.7
    cpe:2.3:a:php:php:0.7
  • PHP 0.9
    cpe:2.3:a:php:php:0.9
  • PHP 0.9.1
    cpe:2.3:a:php:php:0.9.1
  • PHP 0.9.3
    cpe:2.3:a:php:php:0.9.3
  • PHP 0.10
    cpe:2.3:a:php:php:0.10
  • PHP 0.90
    cpe:2.3:a:php:php:0.90
  • PHP PHP_FI 1.0
    cpe:2.3:a:php:php:1.0
  • PHP 1.0.2
    cpe:2.3:a:php:php:1.0.2
  • PHP 1.0.4
    cpe:2.3:a:php:php:1.0.4
  • PHP 1.1.0
    cpe:2.3:a:php:php:1.1.0
  • PHP 1.2.0
    cpe:2.3:a:php:php:1.2.0
  • PHP 1.2.2
    cpe:2.3:a:php:php:1.2.2
  • PHP 1.2.4
    cpe:2.3:a:php:php:1.2.4
  • PHP 1.3.1
    cpe:2.3:a:php:php:1.3.1
  • PHP 1.4
    cpe:2.3:a:php:php:1.4
  • PHP PHP_FI 2.0
    cpe:2.3:a:php:php:2.0
  • PHP 2.0.0
    cpe:2.3:a:php:php:2.0.0
  • PHP 2.0.2
    cpe:2.3:a:php:php:2.0.2
  • PHP PHP_FI 2.0b10
    cpe:2.3:a:php:php:2.0b10
  • PHP PHP 3.0
    cpe:2.3:a:php:php:3.0
  • PHP PHP 3.0.1
    cpe:2.3:a:php:php:3.0.1
  • PHP PHP 3.0.2
    cpe:2.3:a:php:php:3.0.2
  • PHP PHP 3.0.3
    cpe:2.3:a:php:php:3.0.3
  • PHP PHP 3.0.4
    cpe:2.3:a:php:php:3.0.4
  • PHP PHP 3.0.5
    cpe:2.3:a:php:php:3.0.5
  • PHP PHP 3.0.6
    cpe:2.3:a:php:php:3.0.6
  • PHP PHP 3.0.7
    cpe:2.3:a:php:php:3.0.7
  • PHP PHP 3.0.8
    cpe:2.3:a:php:php:3.0.8
  • PHP PHP 3.0.9
    cpe:2.3:a:php:php:3.0.9
  • PHP PHP 3.0.10
    cpe:2.3:a:php:php:3.0.10
  • PHP PHP 3.0.11
    cpe:2.3:a:php:php:3.0.11
  • PHP PHP 3.0.12
    cpe:2.3:a:php:php:3.0.12
  • PHP PHP 3.0.13
    cpe:2.3:a:php:php:3.0.13
  • PHP PHP 3.0.14
    cpe:2.3:a:php:php:3.0.14
  • PHP PHP 3.0.15
    cpe:2.3:a:php:php:3.0.15
  • PHP PHP 3.0.16
    cpe:2.3:a:php:php:3.0.16
  • PHP PHP 3.0.17
    cpe:2.3:a:php:php:3.0.17
  • PHP PHP 3.0.18
    cpe:2.3:a:php:php:3.0.18
  • PHP 4.0.0
    cpe:2.3:a:php:php:4.0
  • PHP PHP 4.0 Beta 1
    cpe:2.3:a:php:php:4.0:beta1
  • PHP PHP 4.0 Beta 2
    cpe:2.3:a:php:php:4.0:beta2
  • PHP PHP 4.0 Beta 3
    cpe:2.3:a:php:php:4.0:beta3
  • PHP PHP 4.0 Beta 4
    cpe:2.3:a:php:php:4.0:beta4
  • PHP PHP 4.0 Beta 4 Patch Level 1
    cpe:2.3:a:php:php:4.0:beta_4_patch1
  • PHP PHP 4.0.0
    cpe:2.3:a:php:php:4.0.0
  • PHP PHP 4.0.1
    cpe:2.3:a:php:php:4.0.1
  • PHP PHP 4.0.2
    cpe:2.3:a:php:php:4.0.2
  • PHP PHP 4.0.3
    cpe:2.3:a:php:php:4.0.3
  • PHP PHP 4.0.4
    cpe:2.3:a:php:php:4.0.4
  • PHP PHP 4.0.5
    cpe:2.3:a:php:php:4.0.5
  • PHP PHP 4.0.6
    cpe:2.3:a:php:php:4.0.6
  • PHP PHP 4.0.7
    cpe:2.3:a:php:php:4.0.7
  • PHP PHP 4.1.0
    cpe:2.3:a:php:php:4.1.0
  • PHP PHP 4.1.1
    cpe:2.3:a:php:php:4.1.1
  • PHP PHP 4.1.2
    cpe:2.3:a:php:php:4.1.2
  • PHP 4.1.0
    cpe:2.3:a:php:php:4.1.3
  • PHP 4.2.0
    cpe:2.3:a:php:php:4.2
  • PHP PHP 4.2.0
    cpe:2.3:a:php:php:4.2.0
  • PHP PHP 4.2.1
    cpe:2.3:a:php:php:4.2.1
  • PHP PHP 4.2.2
    cpe:2.3:a:php:php:4.2.2
  • PHP PHP 4.2.3
    cpe:2.3:a:php:php:4.2.3
  • PHP 4.2.0
    cpe:2.3:a:php:php:4.2.4
  • PHP 4.3.0
    cpe:2.3:a:php:php:4.3
  • PHP PHP 4.3.0
    cpe:2.3:a:php:php:4.3.0
  • PHP PHP 4.3.1
    cpe:2.3:a:php:php:4.3.1
  • PHP PHP 4.3.2
    cpe:2.3:a:php:php:4.3.2
  • PHP PHP 4.3.3
    cpe:2.3:a:php:php:4.3.3
  • PHP PHP 4.3.4
    cpe:2.3:a:php:php:4.3.4
  • PHP PHP 4.3.5
    cpe:2.3:a:php:php:4.3.5
  • PHP PHP 4.3.6
    cpe:2.3:a:php:php:4.3.6
  • PHP PHP 4.3.7
    cpe:2.3:a:php:php:4.3.7
  • PHP PHP 4.3.8
    cpe:2.3:a:php:php:4.3.8
  • PHP PHP 4.3.9
    cpe:2.3:a:php:php:4.3.9
  • PHP PHP 4.3.10
    cpe:2.3:a:php:php:4.3.10
  • PHP PHP 4.3.11
    cpe:2.3:a:php:php:4.3.11
  • PHP PHP 4.4.0
    cpe:2.3:a:php:php:4.4.0
  • PHP PHP 4.4.1
    cpe:2.3:a:php:php:4.4.1
  • PHP PHP 4.4.2
    cpe:2.3:a:php:php:4.4.2
  • PHP PHP 4.4.3
    cpe:2.3:a:php:php:4.4.3
  • PHP PHP 4.4.4
    cpe:2.3:a:php:php:4.4.4
  • PHP PHP 4.4.5
    cpe:2.3:a:php:php:4.4.5
  • PHP PHP 4.4.6
    cpe:2.3:a:php:php:4.4.6
  • PHP PHP 4.4.7
    cpe:2.3:a:php:php:4.4.7
  • PHP 4.4.8
    cpe:2.3:a:php:php:4.4.8
  • PHP 4.4.9
    cpe:2.3:a:php:php:4.4.9
  • PHP PHP 5.0.0
    cpe:2.3:a:php:php:5.0.0
  • PHP PHP 5.0.0 Beta1
    cpe:2.3:a:php:php:5.0.0:beta1
  • PHP PHP 5.0.0 Beta2
    cpe:2.3:a:php:php:5.0.0:beta2
  • PHP PHP 5.0.0 Beta3
    cpe:2.3:a:php:php:5.0.0:beta3
  • PHP PHP 5.0.0 Beta4
    cpe:2.3:a:php:php:5.0.0:beta4
  • PHP PHP 5.0.0 RC1
    cpe:2.3:a:php:php:5.0.0:rc1
  • PHP PHP 5.0.0 RC2
    cpe:2.3:a:php:php:5.0.0:rc2
  • PHP PHP 5.0.0 RC3
    cpe:2.3:a:php:php:5.0.0:rc3
  • PHP PHP 5.0.1
    cpe:2.3:a:php:php:5.0.1
  • PHP PHP 5.0.2
    cpe:2.3:a:php:php:5.0.2
  • PHP PHP 5.0.3
    cpe:2.3:a:php:php:5.0.3
  • PHP PHP 5.0.4
    cpe:2.3:a:php:php:5.0.4
  • PHP PHP 5.0.5
    cpe:2.3:a:php:php:5.0.5
  • PHP 5.1.0
    cpe:2.3:a:php:php:5.1
  • PHP PHP 5.1.0
    cpe:2.3:a:php:php:5.1.0
  • PHP PHP 5.1.1
    cpe:2.3:a:php:php:5.1.1
  • PHP PHP 5.1.2
    cpe:2.3:a:php:php:5.1.2
  • PHP PHP 5.1.3
    cpe:2.3:a:php:php:5.1.3
  • PHP 5.1.4
    cpe:2.3:a:php:php:5.1.4
  • PHP PHP 5.1.5
    cpe:2.3:a:php:php:5.1.5
  • PHP PHP 5.1.6
    cpe:2.3:a:php:php:5.1.6
  • PHP 5.2.0
    cpe:2.3:a:php:php:5.2.0
  • PHP 5.2.1
    cpe:2.3:a:php:php:5.2.1
  • PHP 5.2.2
    cpe:2.3:a:php:php:5.2.2
  • PHP 5.2.3
    cpe:2.3:a:php:php:5.2.3
  • PHP 5.2.4
    cpe:2.3:a:php:php:5.2.4
  • PHP 5.2.5
    cpe:2.3:a:php:php:5.2.5
  • PHP 5.2.6
    cpe:2.3:a:php:php:5.2.6
  • PHP 5.2.7
    cpe:2.3:a:php:php:5.2.7
  • PHP 5.2.8
    cpe:2.3:a:php:php:5.2.8
  • PHP 5.2.9
    cpe:2.3:a:php:php:5.2.9
  • PHP 5.2.10
    cpe:2.3:a:php:php:5.2.10
  • PHP 5.2.11
    cpe:2.3:a:php:php:5.2.11
  • PHP 5.2.12
    cpe:2.3:a:php:php:5.2.12
  • PHP 5.2.13
    cpe:2.3:a:php:php:5.2.13
  • PHP 5.2.14
    cpe:2.3:a:php:php:5.2.14
  • PHP 5.2.15
    cpe:2.3:a:php:php:5.2.15
  • PHP 5.2.16
    cpe:2.3:a:php:php:5.2.16
  • PHP 5.2.17
    cpe:2.3:a:php:php:5.2.17
  • PHP 5.3.0
    cpe:2.3:a:php:php:5.3.0
  • PHP 5.3.1
    cpe:2.3:a:php:php:5.3.1
  • PHP 5.3.2
    cpe:2.3:a:php:php:5.3.2
  • PHP 5.3.3
    cpe:2.3:a:php:php:5.3.3
  • PHP 5.3.4
    cpe:2.3:a:php:php:5.3.4
  • PHP 5.3.5
    cpe:2.3:a:php:php:5.3.5
  • PHP 5.3.6
    cpe:2.3:a:php:php:5.3.6
  • PHP 5.3.7
    cpe:2.3:a:php:php:5.3.7
  • PHP 5.3.8
    cpe:2.3:a:php:php:5.3.8
  • PHP 5.3.9
    cpe:2.3:a:php:php:5.3.9
  • PHP 5.3.10
    cpe:2.3:a:php:php:5.3.10
  • PHP 5.3.11
    cpe:2.3:a:php:php:5.3.11
  • PHP 5.3.12
    cpe:2.3:a:php:php:5.3.12
  • PHP 5.3.13
    cpe:2.3:a:php:php:5.3.13
  • PHP 5.3.14
    cpe:2.3:a:php:php:5.3.14
  • PHP 5.3.15
    cpe:2.3:a:php:php:5.3.15
  • PHP 5.3.16
    cpe:2.3:a:php:php:5.3.16
  • PHP 5.3.17
    cpe:2.3:a:php:php:5.3.17
  • PHP 5.3.18
    cpe:2.3:a:php:php:5.3.18
  • PHP 5.3.19
    cpe:2.3:a:php:php:5.3.19
  • PHP 5.3.20
    cpe:2.3:a:php:php:5.3.20
  • PHP 5.3.21
    cpe:2.3:a:php:php:5.3.21
  • PHP 5.3.22
    cpe:2.3:a:php:php:5.3.22
  • PHP 5.3.23
    cpe:2.3:a:php:php:5.3.23
  • PHP 5.3.24
    cpe:2.3:a:php:php:5.3.24
  • PHP 5.3.25
    cpe:2.3:a:php:php:5.3.25
  • PHP 5.3.26
    cpe:2.3:a:php:php:5.3.26
  • PHP 5.3.27
    cpe:2.3:a:php:php:5.3.27
  • PHP 5.3.28
    cpe:2.3:a:php:php:5.3.28
  • PHP 5.3.29
    cpe:2.3:a:php:php:5.3.29
  • PHP 5.4.0
    cpe:2.3:a:php:php:5.4.0
  • PHP 5.4.1
    cpe:2.3:a:php:php:5.4.1
  • PHP 5.4.2
    cpe:2.3:a:php:php:5.4.2
  • PHP 5.4.3
    cpe:2.3:a:php:php:5.4.3
  • PHP 5.4.4
    cpe:2.3:a:php:php:5.4.4
  • PHP 5.4.5
    cpe:2.3:a:php:php:5.4.5
  • PHP 5.4.6
    cpe:2.3:a:php:php:5.4.6
  • PHP 5.4.7
    cpe:2.3:a:php:php:5.4.7
  • PHP 5.4.8
    cpe:2.3:a:php:php:5.4.8
  • PHP 5.4.9
    cpe:2.3:a:php:php:5.4.9
  • PHP 5.4.10
    cpe:2.3:a:php:php:5.4.10
  • PHP 5.4.11
    cpe:2.3:a:php:php:5.4.11
  • PHP 5.4.12
    cpe:2.3:a:php:php:5.4.12
  • PHP 5.4.12 release candidate 1
    cpe:2.3:a:php:php:5.4.12:rc1
  • PHP 5.4.12 release candidate 2
    cpe:2.3:a:php:php:5.4.12:rc2
  • PHP 5.4.13
    cpe:2.3:a:php:php:5.4.13
  • PHP 5.4.13 release candidate 1
    cpe:2.3:a:php:php:5.4.13:rc1
  • PHP 5.4.14
    cpe:2.3:a:php:php:5.4.14
  • PHP 5.4.14 release candidate 1
    cpe:2.3:a:php:php:5.4.14:rc1
  • PHP 5.4.15
    cpe:2.3:a:php:php:5.4.15
  • PHP 5.4.15 release candidate 1
    cpe:2.3:a:php:php:5.4.15:rc1
  • PHP 5.4.16
    cpe:2.3:a:php:php:5.4.16
  • PHP 5.4.16 release candidate 1
    cpe:2.3:a:php:php:5.4.16:rc1
  • PHP 5.4.17
    cpe:2.3:a:php:php:5.4.17
  • PHP 5.4.18
    cpe:2.3:a:php:php:5.4.18
  • PHP 5.4.19
    cpe:2.3:a:php:php:5.4.19
  • PHP 5.4.20
    cpe:2.3:a:php:php:5.4.20
  • PHP 5.4.21
    cpe:2.3:a:php:php:5.4.21
  • PHP 5.4.22
    cpe:2.3:a:php:php:5.4.22
  • PHP 5.4.23
    cpe:2.3:a:php:php:5.4.23
  • PHP 5.4.24
    cpe:2.3:a:php:php:5.4.24
  • PHP 5.4.25
    cpe:2.3:a:php:php:5.4.25
  • PHP 5.4.26
    cpe:2.3:a:php:php:5.4.26
  • PHP 5.4.27
    cpe:2.3:a:php:php:5.4.27
  • PHP 5.4.28
    cpe:2.3:a:php:php:5.4.28
  • PHP 5.4.29
    cpe:2.3:a:php:php:5.4.29
  • PHP 5.4.30
    cpe:2.3:a:php:php:5.4.30
  • PHP 5.4.31
    cpe:2.3:a:php:php:5.4.31
  • PHP 5.4.32
    cpe:2.3:a:php:php:5.4.32
  • PHP 5.4.33
    cpe:2.3:a:php:php:5.4.33
  • PHP PHP 5.4.34
    cpe:2.3:a:php:php:5.4.34
  • PHP 5.4.35
    cpe:2.3:a:php:php:5.4.35
  • PHP 5.4.36
    cpe:2.3:a:php:php:5.4.36
  • PHP 5.4.37
    cpe:2.3:a:php:php:5.4.37
  • PHP 5.4.38
    cpe:2.3:a:php:php:5.4.38
  • PHP 5.4.39
    cpe:2.3:a:php:php:5.4.39
  • PHP 5.4.40
    cpe:2.3:a:php:php:5.4.40
  • PHP 5.4.41
    cpe:2.3:a:php:php:5.4.41
  • PHP 5.4.42
    cpe:2.3:a:php:php:5.4.42
  • PHP 5.4.43
    cpe:2.3:a:php:php:5.4.43
  • PHP 5.4.44
    cpe:2.3:a:php:php:5.4.44
  • PHP 5.4.45
    cpe:2.3:a:php:php:5.4.45
  • PHP 5.5.0
    cpe:2.3:a:php:php:5.5.0
  • PHP 5.5.0 alpha1
    cpe:2.3:a:php:php:5.5.0:alpha1
  • PHP 5.5.0 alpha2
    cpe:2.3:a:php:php:5.5.0:alpha2
  • PHP 5.5.0 alpha3
    cpe:2.3:a:php:php:5.5.0:alpha3
  • PHP 5.5.0 alpha4
    cpe:2.3:a:php:php:5.5.0:alpha4
  • PHP 5.5.0 alpha5
    cpe:2.3:a:php:php:5.5.0:alpha5
  • PHP 5.5.0 alpha6
    cpe:2.3:a:php:php:5.5.0:alpha6
  • PHP 5.5.0 beta1
    cpe:2.3:a:php:php:5.5.0:beta1
  • PHP 5.5.0 beta2
    cpe:2.3:a:php:php:5.5.0:beta2
  • PHP 5.5.0 beta3
    cpe:2.3:a:php:php:5.5.0:beta3
  • PHP 5.5.0 beta4
    cpe:2.3:a:php:php:5.5.0:beta4
  • PHP 5.5.0 release candidate 1
    cpe:2.3:a:php:php:5.5.0:rc1
  • PHP 5.5.0 release candidate 2
    cpe:2.3:a:php:php:5.5.0:rc2
  • PHP 5.5.1
    cpe:2.3:a:php:php:5.5.1
  • PHP 5.5.2
    cpe:2.3:a:php:php:5.5.2
  • PHP 5.5.3
    cpe:2.3:a:php:php:5.5.3
  • PHP 5.5.4
    cpe:2.3:a:php:php:5.5.4
  • PHP 5.5.5
    cpe:2.3:a:php:php:5.5.5
  • PHP 5.5.6
    cpe:2.3:a:php:php:5.5.6
  • PHP 5.5.7
    cpe:2.3:a:php:php:5.5.7
  • PHP 5.5.8
    cpe:2.3:a:php:php:5.5.8
  • PHP 5.5.9
    cpe:2.3:a:php:php:5.5.9
  • PHP 5.5.10
    cpe:2.3:a:php:php:5.5.10
  • PHP 5.5.11
    cpe:2.3:a:php:php:5.5.11
  • PHP 5.5.12
    cpe:2.3:a:php:php:5.5.12
  • PHP 5.5.13
    cpe:2.3:a:php:php:5.5.13
  • PHP 5.5.14
    cpe:2.3:a:php:php:5.5.14
  • PHP 5.5.15
    cpe:2.3:a:php:php:5.5.15
  • PHP 5.5.16
    cpe:2.3:a:php:php:5.5.16
  • PHP 5.5.17
    cpe:2.3:a:php:php:5.5.17
  • PHP 5.5.18
    cpe:2.3:a:php:php:5.5.18
  • PHP 5.5.19
    cpe:2.3:a:php:php:5.5.19
  • PHP 5.5.20
    cpe:2.3:a:php:php:5.5.20
  • PHP 5.5.21
    cpe:2.3:a:php:php:5.5.21
  • PHP 5.5.22
    cpe:2.3:a:php:php:5.5.22
  • PHP 5.5.23
    cpe:2.3:a:php:php:5.5.23
  • PHP 5.5.24
    cpe:2.3:a:php:php:5.5.24
  • PHP 5.5.25
    cpe:2.3:a:php:php:5.5.25
  • PHP 5.5.26
    cpe:2.3:a:php:php:5.5.26
  • PHP 5.5.27
    cpe:2.3:a:php:php:5.5.27
  • PHP 5.5.28
    cpe:2.3:a:php:php:5.5.28
  • PHP PHP 5.5.29
    cpe:2.3:a:php:php:5.5.29
  • PHP 5.5.30
    cpe:2.3:a:php:php:5.5.30
  • PHP 5.5.31
    cpe:2.3:a:php:php:5.5.31
  • PHP 5.5.32
    cpe:2.3:a:php:php:5.5.32
  • PHP 5.5.33
    cpe:2.3:a:php:php:5.5.33
  • PHP 5.5.34
    cpe:2.3:a:php:php:5.5.34
  • PHP 5.5.35
    cpe:2.3:a:php:php:5.5.35
  • PHP 5.5.36
    cpe:2.3:a:php:php:5.5.36
  • PHP 5.5.37
    cpe:2.3:a:php:php:5.5.37
  • PHP 5.5.38
    cpe:2.3:a:php:php:5.5.38
  • PHP 5.6.0
    cpe:2.3:a:php:php:5.6.0
  • PHP 5.6.0 alpha1
    cpe:2.3:a:php:php:5.6.0:alpha1
  • PHP 5.6.0 alpha2
    cpe:2.3:a:php:php:5.6.0:alpha2
  • PHP 5.6.0 alpha3
    cpe:2.3:a:php:php:5.6.0:alpha3
  • PHP 5.6.0 alpha4
    cpe:2.3:a:php:php:5.6.0:alpha4
  • PHP 5.6.0 alpha5
    cpe:2.3:a:php:php:5.6.0:alpha5
  • PHP 5.6.0 beta1
    cpe:2.3:a:php:php:5.6.0:beta1
  • PHP 5.6.0 beta2
    cpe:2.3:a:php:php:5.6.0:beta2
  • PHP 5.6.0 beta3
    cpe:2.3:a:php:php:5.6.0:beta3
  • PHP 5.6.0 beta4
    cpe:2.3:a:php:php:5.6.0:beta4
  • PHP PHP 5.6.1
    cpe:2.3:a:php:php:5.6.1
  • PHP 5.6.2
    cpe:2.3:a:php:php:5.6.2
  • PHP 5.6.3
    cpe:2.3:a:php:php:5.6.3
  • PHP 5.6.4
    cpe:2.3:a:php:php:5.6.4
  • PHP 5.6.5
    cpe:2.3:a:php:php:5.6.5
  • PHP 5.6.6
    cpe:2.3:a:php:php:5.6.6
  • PHP 5.6.7
    cpe:2.3:a:php:php:5.6.7
  • PHP PHP 5.6.8
    cpe:2.3:a:php:php:5.6.8
  • PHP PHP 5.6.9
    cpe:2.3:a:php:php:5.6.9
  • PHP PHP 5.6.10
    cpe:2.3:a:php:php:5.6.10
  • PHP PHP 5.6.11
    cpe:2.3:a:php:php:5.6.11
  • PHP PHP 5.6.12
    cpe:2.3:a:php:php:5.6.12
  • PHP PHP 5.6.13
    cpe:2.3:a:php:php:5.6.13
  • PHP 5.6.14
    cpe:2.3:a:php:php:5.6.14
  • PHP 5.6.15
    cpe:2.3:a:php:php:5.6.15
  • PHP 5.6.16
    cpe:2.3:a:php:php:5.6.16
  • PHP 5.6.17
    cpe:2.3:a:php:php:5.6.17
  • PHP 5.6.18
    cpe:2.3:a:php:php:5.6.18
  • PHP 5.6.19
    cpe:2.3:a:php:php:5.6.19
  • PHP 5.6.20
    cpe:2.3:a:php:php:5.6.20
  • PHP 5.6.21
    cpe:2.3:a:php:php:5.6.21
  • PHP 5.6.22
    cpe:2.3:a:php:php:5.6.22
  • PHP 5.6.23
    cpe:2.3:a:php:php:5.6.23
  • PHP 5.6.24
    cpe:2.3:a:php:php:5.6.24
  • PHP 5.6.25
    cpe:2.3:a:php:php:5.6.25
  • PHP 5.6.26
    cpe:2.3:a:php:php:5.6.26
  • PHP 5.6.27
    cpe:2.3:a:php:php:5.6.27
  • PHP 5.6.28
    cpe:2.3:a:php:php:5.6.28
  • PHP 5.6.29
    cpe:2.3:a:php:php:5.6.29
  • PHP 5.6.30
    cpe:2.3:a:php:php:5.6.30
  • PHP 5.6.31
    cpe:2.3:a:php:php:5.6.31
  • PHP 5.6.32
    cpe:2.3:a:php:php:5.6.32
  • PHP 5.6.33
    cpe:2.3:a:php:php:5.6.33
  • PHP 5.6.34
    cpe:2.3:a:php:php:5.6.34
  • PHP 7.0.0
    cpe:2.3:a:php:php:7.0.0
  • PHP 7.0.1
    cpe:2.3:a:php:php:7.0.1
  • PHP 7.0.2
    cpe:2.3:a:php:php:7.0.2
  • PHP 7.0.3
    cpe:2.3:a:php:php:7.0.3
  • PHP 7.0.4
    cpe:2.3:a:php:php:7.0.4
  • PHP 7.0.5
    cpe:2.3:a:php:php:7.0.5
  • PHP 7.0.6
    cpe:2.3:a:php:php:7.0.6
  • PHP 7.0.7
    cpe:2.3:a:php:php:7.0.7
  • PHP 7.0.8
    cpe:2.3:a:php:php:7.0.8
  • PHP 7.0.9
    cpe:2.3:a:php:php:7.0.9
  • PHP 7.0.10
    cpe:2.3:a:php:php:7.0.10
  • PHP 7.0.11
    cpe:2.3:a:php:php:7.0.11
  • PHP 7.0.12
    cpe:2.3:a:php:php:7.0.12
  • PHP 7.0.13
    cpe:2.3:a:php:php:7.0.13
  • PHP 7.0.14
    cpe:2.3:a:php:php:7.0.14
  • PHP 7.0.15
    cpe:2.3:a:php:php:7.0.15
  • PHP 7.0.16
    cpe:2.3:a:php:php:7.0.16
  • PHP 7.0.17
    cpe:2.3:a:php:php:7.0.17
  • PHP 7.0.18
    cpe:2.3:a:php:php:7.0.18
  • PHP 7.0.19
    cpe:2.3:a:php:php:7.0.19
  • PHP 7.0.20
    cpe:2.3:a:php:php:7.0.20
  • PHP 7.0.21
    cpe:2.3:a:php:php:7.0.21
  • PHP 7.0.22
    cpe:2.3:a:php:php:7.0.22
  • PHP 7.0.23
    cpe:2.3:a:php:php:7.0.23
  • PHP 7.0.24
    cpe:2.3:a:php:php:7.0.24
  • PHP 7.0.25
    cpe:2.3:a:php:php:7.0.25
  • PHP 7.0.26
    cpe:2.3:a:php:php:7.0.26
  • PHP 7.0.27
    cpe:2.3:a:php:php:7.0.27
  • PHP 7.0.28
    cpe:2.3:a:php:php:7.0.28
  • PHP 7.0.29
    cpe:2.3:a:php:php:7.0.29
  • PHP 7.1.0
    cpe:2.3:a:php:php:7.1.0
  • PHP 7.1.1
    cpe:2.3:a:php:php:7.1.1
  • PHP 7.1.2
    cpe:2.3:a:php:php:7.1.2
  • PHP 7.1.3
    cpe:2.3:a:php:php:7.1.3
  • PHP 7.1.4
    cpe:2.3:a:php:php:7.1.4
  • PHP 7.1.5
    cpe:2.3:a:php:php:7.1.5
  • PHP 7.1.6
    cpe:2.3:a:php:php:7.1.6
  • PHP 7.1.7
    cpe:2.3:a:php:php:7.1.7
  • PHP 7.1.8
    cpe:2.3:a:php:php:7.1.8
  • PHP 7.1.9
    cpe:2.3:a:php:php:7.1.9
  • PHP 7.1.10
    cpe:2.3:a:php:php:7.1.10
  • PHP 7.1.11
    cpe:2.3:a:php:php:7.1.11
  • PHP 7.1.12
    cpe:2.3:a:php:php:7.1.12
  • PHP 7.1.13
    cpe:2.3:a:php:php:7.1.13
  • PHP 7.1.14
    cpe:2.3:a:php:php:7.1.14
  • PHP 7.1.15
    cpe:2.3:a:php:php:7.1.15
  • PHP 7.1.16
    cpe:2.3:a:php:php:7.1.16
  • PHP 7.2.0
    cpe:2.3:a:php:php:7.2.0
  • PHP 7.2.1
    cpe:2.3:a:php:php:7.2.1
  • PHP 7.2.2
    cpe:2.3:a:php:php:7.2.2
  • PHP 7.2.3
    cpe:2.3:a:php:php:7.2.3
  • PHP 7.2.4
    cpe:2.3:a:php:php:7.2.4
  • Canonical Ubuntu Linux 16.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:16.04:-:-:-:lts
  • Canonical Ubuntu Linux 17.10
    cpe:2.3:o:canonical:ubuntu_linux:17.10
  • Canonical Ubuntu Linux 18.04 LTS Edition
    cpe:2.3:o:canonical:ubuntu_linux:18.04:-:-:-:lts
  • Debian Linux 8.0 (Jessie)
    cpe:2.3:o:debian:debian_linux:8.0
  • Debian Linux 9.0
    cpe:2.3:o:debian:debian_linux:9.0
  • cpe:2.3:a:netapp:storage_automation_store
    cpe:2.3:a:netapp:storage_automation_store
CVSS
Base: 6.8
Impact:
Exploitability:
CWE CWE-125
CAPEC
  • Overread Buffers
    An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.
nessus via4
  • NASL family Misc.
    NASL id SECURITYCENTER_5_7_1_TNS_2018_12.NASL
    description According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is prior to 5.7.1. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-12-14
    plugin id 117672
    published 2018-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=117672
    title Tenable SecurityCenter < 5.7.1 Multiple Vulnerabilities (TNS-2018-12)
  • NASL family CGI abuses
    NASL id PHP_7_2_5.NASL
    description According to its banner, the version of PHP running on the remote web server is 7.2.x prior to 7.2.5. It is, therefore, affected by multiple vulnerabilities.
    last seen 2019-02-21
    modified 2018-08-13
    plugin id 109579
    published 2018-05-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109579
    title PHP 7.2.x < 7.2.5 Stack Buffer Overflow
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2018-136-02.NASL
    description New php packages are available for Slackware 14.0, 14.1, and 14.2 to fix security issues.
    last seen 2019-02-21
    modified 2018-09-04
    plugin id 109871
    published 2018-05-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109871
    title Slackware 14.0 / 14.1 / 14.2 : php (SSA:2018-136-02)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-1397.NASL
    description Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language : CVE-2018-7584 A stack-buffer-overflow while parsing HTTP response results in copying a large string and possible memory corruption and/or denial of service CVE-2018-10545 Dumpable FPM child processes allow bypassing opcache access controls resulting in potential information disclosure where one user can obtain information about another user's running PHP applications CVE-2018-10546 An invalid sequence of bytes can trigger an infinite loop in the stream filter convert.iconv CVE-2018-10547 A previous fix for CVE-2018-5712 may not be complete, resulting in an additional vulnerability in the form of a reflected XSS in the PHAR 403 and 404 error pages CVE-2018-10548 A malicious remote LDAP server can send a crafted response that will cause a denial of service (NULL pointer dereference resulting in an application crash) CVE-2018-10549 A crafted JPEG file can case an out-of-bounds read and heap buffer overflow For Debian 8 'Jessie', these problems have been fixed in version 5.6.36+dfsg-0+deb8u1. We recommend that you upgrade your php5 packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 110697
    published 2018-06-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=110697
    title Debian DLA-1397-1 : php5 security update
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-04F6056C42.NASL
    description **PHP version 7.1.17** (26 Apr 2018) **Date:** - Fixed bug php#76131 (mismatch arginfo for date_create). (carusogabriel) **Exif:** - Fixed bug php#76130 (Heap Buffer Overflow (READ: 1786) in exif_iif_add_value). (Stas) **FPM:** - Fixed bug php#68440 (ERROR: failed to reload: execvp() failed: Argument list too long). (Jacob Hipps) - Fixed incorrect write to getenv result in FPM reload. (Jakub Zelenka) **GD:** - Fixed bug php#52070 (imagedashedline() - dashed line sometimes is not visible). (cmb) **iconv:** - Fixed bug php#76249 (stream filter convert.iconv leads to infinite loop on invalid sequence). (Stas) **intl:** - Fixed bug php#76153 (Intl compilation fails with icu4c 61.1). (Anatol) **ldap:** - Fixed bug php#76248 (Malicious LDAP-Server Response causes Crash). (Stas) **mbstring:** - Fixed bug php#75944 (Wrong cp1251 detection). (dmk001) - Fixed bug php#76113 (mbstring does not build with Oniguruma 6.8.1). (chrullrich, cmb) **Phar:** - Fixed bug php#76129 (fix for CVE-2018-5712 may not be complete). (Stas) **phpdbg:** - Fixed bug php#76143 (Memory corruption: arbitrary NUL overwrite). (Laruence) **SPL:** - Fixed bug php#76131 (mismatch arginfo for splarray constructor). (carusogabriel) **standard:** - Fixed bug php#75996 (incorrect url in header for mt_rand). (tatarbj) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-09-05
    plugin id 109559
    published 2018-05-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109559
    title Fedora 27 : php (2018-04f6056c42)
  • NASL family CGI abuses
    NASL id PHP_7_1_17.NASL
    description According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.17. It is, therefore, affected by multiple vulnerabilities.
    last seen 2019-02-21
    modified 2018-08-13
    plugin id 109578
    published 2018-05-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109578
    title PHP 7.1.x < 7.1.17 Multiple Vulnerabilities
  • NASL family CGI abuses
    NASL id PHP_5_6_36.NASL
    description According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.36. It is, therefore, affected by multiple vulnerabilities.
    last seen 2019-02-21
    modified 2018-08-13
    plugin id 109576
    published 2018-05-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109576
    title PHP 5.6.x < 5.6.36 Multiple Vulnerabilities
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-EE6707D519.NASL
    description **PHP version 7.2.5** (26 Apr 2018) **Core:** - Fixed bug php#75722 (Convert valgrind detection to configure option). (Michael Heimpold) **Date:** - Fixed bug php#76131 (mismatch arginfo for date_create). (carusogabriel) **Exif:** - Fixed bug php#76130 (Heap Buffer Overflow (READ: 1786) in exif_iif_add_value). (Stas) **FPM:** - Fixed bug php#68440 (ERROR: failed to reload: execvp() failed: Argument list too long). (Jacob Hipps) - Fixed incorrect write to getenv result in FPM reload. (Jakub Zelenka) **GD:** - Fixed bug php#52070 (imagedashedline() - dashed line sometimes is not visible). (cmb) **intl:** - Fixed bug php#76153 (Intl compilation fails with icu4c 61.1). (Anatol) **iconv:** - Fixed bug php#76249 (stream filter convert.iconv leads to infinite loop on invalid sequence). (Stas) **ldap:** - Fixed bug php#76248 (Malicious LDAP-Server Response causes Crash). (Stas) **mbstring:** - Fixed bug php#75944 (Wrong cp1251 detection). (dmk001) - Fixed bug php#76113 (mbstring does not build with Oniguruma 6.8.1). (chrullrich, cmb) **ODBC:** - Fixed bug php#76088 (ODBC functions are not available by default on Windows). (cmb) **Opcache:** - Fixed bug php#76094 (Access violation when using opcache). (Laruence) **Phar:** - Fixed bug php#76129 (fix for CVE-2018-5712 may not be complete). (Stas) **phpdbg:** - Fixed bug php#76143 (Memory corruption: arbitrary NUL overwrite). (Laruence) **SPL:** - Fixed bug php#76131 (mismatch arginfo for splarray constructor). (carusogabriel) **standard:** - Fixed bug php#74139 (mail.add_x_header default inconsistent with docs). (cmb) - Fixed bug php#75996 (incorrect url in header for mt_rand). (tatarbj) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-03
    plugin id 120886
    published 2019-01-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120886
    title Fedora 28 : php (2018-ee6707d519)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-6071A600E8.NASL
    description **PHP version 7.1.17** (26 Apr 2018) **Date:** - Fixed bug php#76131 (mismatch arginfo for date_create). (carusogabriel) **Exif:** - Fixed bug php#76130 (Heap Buffer Overflow (READ: 1786) in exif_iif_add_value). (Stas) **FPM:** - Fixed bug php#68440 (ERROR: failed to reload: execvp() failed: Argument list too long). (Jacob Hipps) - Fixed incorrect write to getenv result in FPM reload. (Jakub Zelenka) **GD:** - Fixed bug php#52070 (imagedashedline() - dashed line sometimes is not visible). (cmb) **iconv:** - Fixed bug php#76249 (stream filter convert.iconv leads to infinite loop on invalid sequence). (Stas) **intl:** - Fixed bug php#76153 (Intl compilation fails with icu4c 61.1). (Anatol) **ldap:** - Fixed bug php#76248 (Malicious LDAP-Server Response causes Crash). (Stas) **mbstring:** - Fixed bug php#75944 (Wrong cp1251 detection). (dmk001) - Fixed bug php#76113 (mbstring does not build with Oniguruma 6.8.1). (chrullrich, cmb) **Phar:** - Fixed bug php#76129 (fix for CVE-2018-5712 may not be complete). (Stas) **phpdbg:** - Fixed bug php#76143 (Memory corruption: arbitrary NUL overwrite). (Laruence) **SPL:** - Fixed bug php#76131 (mismatch arginfo for splarray constructor). (carusogabriel) **standard:** - Fixed bug php#75996 (incorrect url in header for mt_rand). (tatarbj) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-09-05
    plugin id 109560
    published 2018-05-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109560
    title Fedora 26 : php (2018-6071a600e8)
  • NASL family CGI abuses
    NASL id PHP_7_0_30.NASL
    description According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.30. It is, therefore, affected by multiple vulnerabilities.
    last seen 2019-02-21
    modified 2018-12-21
    plugin id 109577
    published 2018-05-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109577
    title PHP 7.0.x < 7.0.30 Multiple Vulnerabilities
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3646-1.NASL
    description It was discovered that PHP incorrectly handled opcache access controls when configured to use PHP-FPM. A local user could possibly use this issue to obtain sensitive information from another user's PHP applications. (CVE-2018-10545) It was discovered that the PHP iconv stream filter incorrect handled certain invalid multibyte sequences. A remote attacker could possibly use this issue to cause PHP to hang, resulting in a denial of service. (CVE-2018-10546) It was discovered that the PHP PHAR error pages incorrectly filtered certain data. A remote attacker could possibly use this issue to perform a reflected XSS attack. (CVE-2018-10547) It was discovered that PHP incorrectly handled LDAP. A malicious remote LDAP server could possibly use this issue to cause PHP to crash, resulting in a denial of service. (CVE-2018-10548) It was discovered that PHP incorrectly handled certain exif tags in JPEG images. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 17.10, and Ubuntu 18.04 LTS. (CVE-2018-10549). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 109812
    published 2018-05-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109812
    title Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : php5, php7.0, php7.1, php7.2 vulnerabilities (USN-3646-1)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2018-1019.NASL
    description NULL pointer dereference due to mishandling of ldap_get_dn return value allows denial-of-service by malicious LDAP server or man-in-the-middle attacker An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value.(CVE-2018-10548) Infinite loop in ext/iconv/iconv.c when using stream filter with convert.incov on invalid sequence leads to denial-of-service An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences.(CVE-2018-10546) Reflected XSS vulnerability on PHAR 403 and 404 error pages An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712 .(CVE-2018-10547) Out-of-bounds read in ext/exif/exif.c:exif_read_data() when reading crafted JPEG data An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exif_read_data in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exif_iif_add_value mishandles the case of a MakerNote that lacks a final '\0' character.(CVE-2018-10549)
    last seen 2019-02-21
    modified 2018-08-31
    plugin id 109701
    published 2018-05-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109701
    title Amazon Linux AMI : php56 / php70,php71 (ALAS-2018-1019)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201812-01.NASL
    description The remote host is affected by the vulnerability described in GLSA-201812-01 (PHP: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in PHP. Please review the referenced CVE identifiers for details. Impact : An attacker could cause a Denial of Service condition or obtain sensitive information. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-12-04
    plugin id 119320
    published 2018-12-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119320
    title GLSA-201812-01 : PHP: Multiple vulnerabilities
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-4240.NASL
    description Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language : - CVE-2018-7584 Buffer underread in parsing HTTP responses - CVE-2018-10545 Dumpable FPM child processes allowed the bypass of opcache access controls - CVE-2018-10546 Denial of service via infinite loop in convert.iconv stream filter - CVE-2018-10547 The fix for CVE-2018-5712 (shipped in DSA 4080) was incomplete - CVE-2018-10548 Denial of service via malformed LDAP server responses - CVE-2018-10549 Out-of-bounds read when parsing malformed JPEG files
    last seen 2019-02-21
    modified 2018-11-13
    plugin id 110928
    published 2018-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=110928
    title Debian DSA-4240-1 : php7.0 - security update
refmap via4
bid 104019
confirm
debian DSA-4240
gentoo GLSA-201812-01
mlist [debian-lts-announce] 20180626 [SECURITY] [DLA 1397-1] php5 security update
sectrack 1040807
ubuntu USN-3646-1
Last major update 29-04-2018 - 17:29
Published 29-04-2018 - 17:29
Last modified 15-03-2019 - 13:54
Back to Top