CVE-2019-11046

Published: 23/12/2019 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, 16.04 LTS, 18.04 LTS, 19.04 and 19.10. (CVE-2019-11045)

Vulnerable Product

php php 7.4.0

php php

debian debian linux 8.0

debian debian linux 9.0

debian debian linux 10.0

fedoraproject fedora 30

fedoraproject fedora 31

opensuse leap 15.1

canonical ubuntu linux 18.04

canonical ubuntu linux 19.04

canonical ubuntu linux 14.04

canonical ubuntu linux 19.10

canonical ubuntu linux 16.04

canonical ubuntu linux 12.04

tenable securitycenter

Vendor Advisories

Several security issues were fixed in PHP ...
Multiple security issues were found in PHP, a widely-used open source general purpose scripting language, which could result in information disclosure, denial of service or incorrect validation of path names. For the stable distribution (buster), these problems have been fixed in version 7.3.14-1~deb10u1. We recommend that you upgrade your php7.3 pa ...
Multiple security issues were found in PHP, a widely-used open source general purpose scripting language, which could result in information disclosure, denial of service or incorrect validation of path names. For the oldstable distribution (stretch), these problems have been fixed in version 7.0.33-0+deb9u7. We recommend that you upgrade your php7.0 ...
In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access. (CVE-2019-11045) In PHP versions 7.3.x below 7.3.13 an ...
Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution, and in line with best practice, Tenable has upgraded the bundled components to address the potential impact of the ...

Github Repositories

FLUFFI (Fully Localized Utility For Fuzzing Instantaneously) - A distributed evolutionary binary fuzzer for pentesters

Bugs found: So far, FLUFFI was almost exclusively used on SIEMENS products and solutions. Bugs found therein will not be published. However, FLUFFI found the following pub