CVE-2017-12933CRITICAL
New! CVE Severity Now Using CVSS v3
The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Description
The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP.
References
http://php.net/ChangeLog-5.php
http://php.net/ChangeLog-7.php
http://www.securityfocus.com/bid/99490
https://access.redhat.com/errata/RHSA-2018:1296
https://bugs.php.net/bug.php?id=74111
https://usn.ubuntu.com/3566-1/
https://usn.ubuntu.com/3566-2/
Details
Source: MITRE
Published: 2017-08-18
Updated: 2019-10-03
Type: CWE-125
Risk Information
CVSS v2
Base Score: 7.5
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 10
Severity: HIGH
CVSS v3
Base Score: 9.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 3.9
Severity: CRITICAL
Vulnerable Software
Configuration 1
OR
cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions up to 5.6.30 (inclusive)
cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.9:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.10:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.11:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.12:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.13:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.14:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.15:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.16:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.17:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.18:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.19:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.20:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.1.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.1.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.1.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.1.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.1.4:*:*:*:*:*:*:*
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 137966 | EulerOS Virtualization 3.0.6.0 : php (EulerOS-SA-2020-1747) | Nessus | Huawei Local Security Checks | critical |
| 132184 | EulerOS 2.0 SP3 : php (EulerOS-SA-2019-2649) | Nessus | Huawei Local Security Checks | critical |
| 131592 | EulerOS 2.0 SP2 : php (EulerOS-SA-2019-2438) | Nessus | Huawei Local Security Checks | critical |
| 130683 | EulerOS 2.0 SP5 : php (EulerOS-SA-2019-2221) | Nessus | Huawei Local Security Checks | critical |
| 125352 | Ubuntu 14.04 LTS : PHP vulnerabilities (USN-3566-2) | Nessus | Ubuntu Local Security Checks | critical |
| 98864 | PHP 7.1.x < 7.1.7 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | critical |
| 98844 | PHP 7.0.x < 7.0.21 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | critical |
| 98822 | PHP 5.6.x < 5.6.31 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | critical |
| 120007 | SUSE SLES12 Security Update : php5 (SUSE-SU-2017:2518-1) | Nessus | SuSE Local Security Checks | critical |
| 120006 | SUSE SLES12 Security Update : php7 (SUSE-SU-2017:2468-1) | Nessus | SuSE Local Security Checks | critical |
| 106792 | Ubuntu 14.04 LTS : php5 vulnerabilities (USN-3566-1) | Nessus | Ubuntu Local Security Checks | critical |
| 105664 | Debian DSA-4081-1 : php5 - security update | Nessus | Debian Local Security Checks | critical |
| 105663 | Debian DSA-4080-1 : php7.0 - security update | Nessus | Debian Local Security Checks | critical |
| 103395 | openSUSE Security Update : php5 (openSUSE-2017-1079) | Nessus | SuSE Local Security Checks | critical |
| 103317 | SUSE SLES11 Security Update : php53 (SUSE-SU-2017:2522-1) | Nessus | SuSE Local Security Checks | critical |
| 103286 | openSUSE Security Update : php7 (openSUSE-2017-1061) | Nessus | SuSE Local Security Checks | critical |
| 103121 | Tenable SecurityCenter PHP < 5.6.31 Multiple Vulnerabilities (TNS-2017-12 | Nessus | Misc. | critical |
| 102843 | Debian DLA-1076-1 : php5 security update | Nessus | Debian Local Security Checks | critical |
| 101527 | PHP 7.1.x < 7.1.7 Multiple Vulnerabilities | Nessus | CGI abuses | critical |
| 101526 | PHP 7.0.x < 7.0.21 Multiple Vulnerabilities | Nessus | CGI abuses | critical |
| 101525 | PHP 5.6.x < 5.6.31 Multiple Vulnerabilities | Nessus | CGI abuses | critical |