Lucene search
Veracode Vulnerability DatabaseVERACODE:26196HistoryAug 06, 2020 - 9:35 p.m.
Remote Code Execution (RCE)
2020-08-0621:35:31
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
38
0.005 Low
EPSS
Percentile
76.3%
PHP is vulnerable to remote code execution (RCE). While using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution.
| CPE | Name | Operator | Version |
|---|---|---|---|
| php7:3.11 | eq | 7.3.15-r0 | |
| rh-php73-php | eq | 7.3.11__1.el7 | |
| php7:edge | eq | 7.3.15-r2 | |
| php7:3.11 | eq | 7.3.15-r0 | |
| rh-php73-php | eq | 7.3.11__1.el7 | |
| php7:edge | eq | 7.3.15-r2 |
Related
redhatcve
redhatcve
CVE-2020-7065
2020-04-03 14:11:10
checkpoint_advisories
checkpoint_advisories
PHP mb_strtolower Stack Buffer Overflow (CVE-2020-7065)
2020-04-16 00:00:00
alpinelinux
alpinelinux
CVE-2020-7065
2020-04-01 04:15:13
nvd
nvd
CVE-2020-7065
2020-04-01 04:15:13
cve
cve
CVE-2020-7065
2020-04-01 04:15:13
debiancve
debiancve
CVE-2020-7065
2020-04-01 04:15:13
osv
osv
CVE-2020-7065
2020-04-01 04:15:13
BIT-php-2020-7065
2024-03-06 11:06:52
php7.3 - security update
2020-07-06 00:00:00
prion
prion
Stack overflow
2020-04-01 04:15:00
attackerkb
attackerkb
CVE-2020-7065
2020-03-17 00:00:00
ubuntucve
ubuntucve
CVE-2020-7065
2020-04-01 00:00:00
cvelist
cvelist
hackerone
hackerone
nessus
nessus
Ubuntu 20.04 LTS : PHP vulnerabilities (USN-4330-2)
2020-05-07 00:00:00
PHP 7.4.x < 7.4.4 Multiple Vulnerabilities
2020-03-24 00:00:00
PHP 7.3.x < 7.3.16 Multiple Vulnerabilities
2020-03-24 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2020-05-06 00:00:00
PHP vulnerabilities
2020-04-15 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2020-0148)
2022-01-28 00:00:00
ibm
ibm
altlinux
altlinux
Security fix for the ALT Linux 10 package php8.1 version 7.3.16-alt1
2020-03-24 00:00:00
Security fix for the ALT Linux 10 package php8.0 version 7.3.16-alt1
2020-03-24 00:00:00
Security fix for the ALT Linux 9 package php7 version 7.3.16-alt1
2020-03-26 00:00:00
mageia
mageia
Updated php packages fix security vulnerability
2020-04-01 04:56:57
fedora
fedora
[SECURITY] Fedora 32 Update: php-7.4.4-1.fc32
2020-03-25 16:17:12
[SECURITY] Fedora 31 Update: php-7.3.16-1.fc31
2020-03-26 01:20:28
[SECURITY] Fedora 30 Update: php-7.3.16-1.fc30
2020-03-26 09:48:08
amazon
amazon
Medium: php73
2020-05-08 20:29:00
debian
debian
[SECURITY] [DSA 4719-1] php7.3 security update
2020-07-06 21:23:48
[SECURITY] [DSA 4719-1] php7.3 security update
2020-07-06 21:23:48
gentoo
gentoo
PHP: Multiple vulnerabilities
2020-03-26 00:00:00
redhat
redhat
almalinux
almalinux
Moderate: php:7.3 security, bug fix, and enhancement update
2020-09-08 08:38:31
rocky
rocky
php:7.3 security, bug fix, and enhancement update
2020-09-08 08:38:31
oraclelinux
oraclelinux
php:7.3 security, bug fix, and enhancement update
2020-09-09 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2021
2021-10-19 00:00:00