When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: php
Published: 2019-06-18T23:28:28.320225Z
Updated: 2024-09-16T17:23:01.910Z
Reserved: 2019-04-09T00:00:00
Link: CVE-2019-11040
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-06-19T00:15:12.470
Modified: 2024-11-21T04:20:25.590
Link: CVE-2019-11040
Redhat