When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash.

References

bugzilla.redhat.com/show_bug.cgi?id=1702246

nvd.nist.gov/vuln/detail/CVE-2019-11035

www.cve.org/CVERecord?id=CVE-2019-11035

veracode 1

cve 1

prion 1

alpinelinux 1

cvelist 1

osv 5

nvd 1

debiancve 1

ubuntucve 1

openvas 19

nessus 33

ibm 2

ubuntu 2

f5 1

freebsd 1

debian 2

suse 4

amazon 1

oraclelinux 1

rocky 1

almalinux 1

redhat 3

veracode

Denial Of Service (Dos)

2019-08-20 00:10:42

cve

CVE-2019-11035

2019-04-18 17:29:00

prion

Information disclosure

2019-04-18 17:29:00

alpinelinux

CVE-2019-11035

2019-04-18 17:29:00

cvelist

CVE-2019-11035 Heap over-read in PHP EXIF extension

2019-04-01 00:00:00

osv

CVE-2019-11035

2019-04-18 17:29:00

php5 - security update

2019-05-25 00:00:00

php7.0 - security update

2019-09-20 00:00:00

nvd

CVE-2019-11035

2019-04-18 17:29:00

debiancve

CVE-2019-11035

2019-04-18 17:29:00

ubuntucve

CVE-2019-11035

2019-04-17 00:00:00

openvas

Ubuntu: Security Advisory (USN-3953-1)

2019-04-24 00:00:00

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1723)

2020-01-23 00:00:00

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1705)

2020-01-23 00:00:00

nessus

EulerOS Virtualization for ARM 64 3.0.2.0 : php (EulerOS-SA-2019-1705)

2019-07-09 00:00:00

FreeBSD : PHP -- Multiple vulnerabilities in EXIF module (c2d1693b-73cb-11e9-a1c7-b499baebfeaf)

2019-05-13 00:00:00

PHP 7.2.x < 7.2.17 Multiple vulnerabilities.

2019-04-04 00:00:00

ibm

Security Bulletin: IBM API Connect's Developer Portal is impacted by vulnerabilities in PHP (CVE-2019-11035 CVE-2019-11034)

2019-05-23 00:15:01

Security Bulletin: API Connect's Developer Portal is impacted by vulnerabilities in PHP

2020-03-03 02:43:43

ubuntu

PHP vulnerabilities

2019-05-01 00:00:00

PHP vulnerabilities

2019-04-23 00:00:00

K44590877 : PHP vulnerabilities CVE-2019-11034 and CVE-2019-11035

2019-05-14 00:00:00

freebsd

PHP -- Multiple vulnerabilities in EXIF module

2019-04-04 00:00:00

debian

[SECURITY] [DLA 1803-1] php5 security update

2019-05-25 10:53:33

[SECURITY] [DSA 4529-1] php7.0 security update

2019-09-20 17:58:44

suse

Security update for php7 (moderate)

2019-06-03 00:00:00

Security update for php5 (moderate)

2019-06-03 00:00:00

Security update for php7 (moderate)

2019-06-18 00:00:00

amazon

Low: php71, php72, php73

2019-06-11 23:00:00

oraclelinux

php:7.2 security, bug fix, and enhancement update

2020-05-05 00:00:00

rocky

php:7.2 security, bug fix, and enhancement update

2020-04-28 08:57:54

almalinux

Moderate: php:7.2 security, bug fix, and enhancement update

2020-04-28 08:57:54

redhat

(RHSA-2020:1624) Moderate: php:7.2 security, bug fix, and enhancement update

2020-04-28 08:57:54

(RHSA-2019:3299) Critical: rh-php72-php security update

2019-11-01 12:22:19

(RHSA-2019:2519) Moderate: rh-php71-php security, bug fix, and enhancement update

2019-08-19 08:09:18

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.006 Low

EPSS

Percentile

79.0%

JSON

Related for RH:CVE-2019-11035