Lucene search
F5F5:K44590877HistoryMay 14, 2019 - 12:00 a.m.
K44590877 : PHP vulnerabilities CVE-2019-11034 and CVE-2019-11035
2019-05-1400:00:00
my.f5.com
13
Security Advisory Description
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash.
Impact
There is no impact; F5 products are not affected by this vulnerability.
Related
openvas
openvas
Ubuntu: Security Advisory (USN-3953-1)
2019-04-24 00:00:00
PHP 7.1.x < 7.1.28, 7.2.x < 7.2.17, 7.3.x < 7.3.4 Multiple Vulnerabilities - Linux
2021-10-25 00:00:00
Ubuntu: Security Advisory (USN-3953-2)
2022-08-26 00:00:00
nessus
nessus
EulerOS Virtualization for ARM 64 3.0.2.0 : php (EulerOS-SA-2019-1705)
2019-07-09 00:00:00
PHP 7.2.x < 7.2.17 Multiple vulnerabilities.
2019-04-04 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS : PHP vulnerabilities (USN-3953-1)
2019-04-24 00:00:00
ibm
ibm
ubuntu
ubuntu
PHP vulnerabilities
2019-05-01 00:00:00
PHP vulnerabilities
2019-04-23 00:00:00
freebsd
freebsd
PHP -- Multiple vulnerabilities in EXIF module
2019-04-04 00:00:00
debian
debian
[SECURITY] [DLA 1803-1] php5 security update
2019-05-25 10:53:33
[SECURITY] [DSA 4529-1] php7.0 security update
2019-09-20 17:58:44
suse
suse
Security update for php7 (moderate)
2019-06-03 00:00:00
Security update for php5 (moderate)
2019-06-03 00:00:00
Security update for php7 (moderate)
2019-06-18 00:00:00
amazon
amazon
Low: php71, php72, php73
2019-06-11 23:00:00
osv
osv
php5 - security update
2019-05-25 00:00:00
CVE-2019-11034
2019-04-18 17:29:00
CVE-2019-11035
2019-04-18 17:29:00
debiancve
debiancve
CVE-2019-11034
2019-04-18 17:29:00
CVE-2019-11035
2019-04-18 17:29:00
veracode
veracode
Denial Of Service (Dos)
2019-08-20 00:10:42
Denial Of Service (Dos)
2019-08-20 00:10:42
cve
cve
CVE-2019-11035
2019-04-18 17:29:00
CVE-2019-11034
2019-04-18 17:29:00
prion
prion
Information disclosure
2019-04-18 17:29:00
Information disclosure
2019-04-18 17:29:00
redhatcve
redhatcve
CVE-2019-11035
2020-04-07 17:04:12
CVE-2019-11034
2020-04-08 21:40:55
cvelist
cvelist
CVE-2019-11035 Heap over-read in PHP EXIF extension
2019-04-01 00:00:00
CVE-2019-11034 Heap over-read in PHP EXIF extension
2019-04-01 00:00:00
ubuntucve
ubuntucve
CVE-2019-11034
2019-04-17 00:00:00
CVE-2019-11035
2019-04-17 00:00:00
nvd
nvd
CVE-2019-11034
2019-04-18 17:29:00
CVE-2019-11035
2019-04-18 17:29:00
alpinelinux
alpinelinux
CVE-2019-11035
2019-04-18 17:29:00
CVE-2019-11034
2019-04-18 17:29:00
oraclelinux
oraclelinux
php:7.2 security, bug fix, and enhancement update
2020-05-05 00:00:00
rocky
rocky
php:7.2 security, bug fix, and enhancement update
2020-04-28 08:57:54
almalinux
almalinux
Moderate: php:7.2 security, bug fix, and enhancement update
2020-04-28 08:57:54
redhat
redhat
(RHSA-2020:1624) Moderate: php:7.2 security, bug fix, and enhancement update
2020-04-28 08:57:54
(RHSA-2019:3299) Critical: rh-php72-php security update
2019-11-01 12:22:19