The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP.
http://php.net/ChangeLog-5.php
http://php.net/ChangeLog-7.php
http://www.securityfocus.com/bid/99490
https://access.redhat.com/errata/RHSA-2018:1296
https://bugs.php.net/bug.php?id=74111
https://usn.ubuntu.com/3566-1/
https://usn.ubuntu.com/3566-2/
Source: MITRE
Published: 2017-08-18
Updated: 2019-10-03
Type: CWE-125
Base Score: 7.5
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 10
Severity: HIGH
Base Score: 9.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 3.9
Severity: CRITICAL
OR
cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions up to 5.6.30 (inclusive)
cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.9:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.10:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.11:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.12:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.13:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.14:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.15:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.16:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.17:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.18:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.19:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.0.20:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.1.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.1.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.1.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.1.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:7.1.4:*:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
137966 | EulerOS Virtualization 3.0.6.0 : php (EulerOS-SA-2020-1747) | Nessus | Huawei Local Security Checks | critical |
132184 | EulerOS 2.0 SP3 : php (EulerOS-SA-2019-2649) | Nessus | Huawei Local Security Checks | critical |
131592 | EulerOS 2.0 SP2 : php (EulerOS-SA-2019-2438) | Nessus | Huawei Local Security Checks | critical |
130683 | EulerOS 2.0 SP5 : php (EulerOS-SA-2019-2221) | Nessus | Huawei Local Security Checks | critical |
125352 | Ubuntu 14.04 LTS : PHP vulnerabilities (USN-3566-2) | Nessus | Ubuntu Local Security Checks | high |
98864 | PHP 7.1.x < 7.1.7 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | high |
98844 | PHP 7.0.x < 7.0.21 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | high |
98822 | PHP 5.6.x < 5.6.31 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | high |
120007 | SUSE SLES12 Security Update : php5 (SUSE-SU-2017:2518-1) | Nessus | SuSE Local Security Checks | high |
120006 | SUSE SLES12 Security Update : php7 (SUSE-SU-2017:2468-1) | Nessus | SuSE Local Security Checks | high |
106792 | Ubuntu 14.04 LTS : php5 vulnerabilities (USN-3566-1) | Nessus | Ubuntu Local Security Checks | high |
105664 | Debian DSA-4081-1 : php5 - security update | Nessus | Debian Local Security Checks | high |
105663 | Debian DSA-4080-1 : php7.0 - security update | Nessus | Debian Local Security Checks | high |
103395 | openSUSE Security Update : php5 (openSUSE-2017-1079) | Nessus | SuSE Local Security Checks | high |
103317 | SUSE SLES11 Security Update : php53 (SUSE-SU-2017:2522-1) | Nessus | SuSE Local Security Checks | high |
103286 | openSUSE Security Update : php7 (openSUSE-2017-1061) | Nessus | SuSE Local Security Checks | high |
103121 | Tenable SecurityCenter PHP < 5.6.31 Multiple Vulnerabilities (TNS-2017-12 | Nessus | Misc. | high |
102843 | Debian DLA-1076-1 : php5 security update | Nessus | Debian Local Security Checks | high |
101527 | PHP 7.1.x < 7.1.7 Multiple Vulnerabilities | Nessus | CGI abuses | high |
101526 | PHP 7.0.x < 7.0.21 Multiple Vulnerabilities | Nessus | CGI abuses | high |
101525 | PHP 5.6.x < 5.6.31 Multiple Vulnerabilities | Nessus | CGI abuses | high |