CVE-2018-10547

MEDIUM

Description

An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712.

References

http://php.net/ChangeLog-5.php

http://php.net/ChangeLog-7.php

http://www.securitytracker.com/id/1040807

https://bugs.php.net/bug.php?id=76129

https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html

https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html

https://security.netapp.com/advisory/ntap-20180607-0003/

https://usn.ubuntu.com/3646-1/

https://usn.ubuntu.com/3646-2/

https://www.debian.org/security/2018/dsa-4240

https://www.tenable.com/security/tns-2018-12

Details

Source: MITRE

Published: 2018-04-29

Updated: 2019-03-15

Type: CWE-79

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Impact Score: 2.7

Exploitability Score: 2.8

Severity: MEDIUM

Vulnerable Software

ID	Name	Product	Family	Severity
98868	PHP 7.2.x < 7.2.5 Multiple Vulnerabilities	Web Application Scanning	Component Vulnerability	medium
98860	PHP 7.1.x < 7.1.17 Multiple Vulnerabilities	Web Application Scanning	Component Vulnerability	medium
98849	PHP 7.0.x < 7.0.30 Multiple Vulnerabilities	Web Application Scanning	Component Vulnerability	medium
98826	PHP 5.6.x < 5.6.36 Multiple Vulnerabilities	Web Application Scanning	Component Vulnerability	medium
120886	Fedora 28 : php (2018-ee6707d519)	Nessus	Fedora Local Security Checks	medium
120023	SUSE SLES12 Security Update : php5 (SUSE-SU-2018:1291-1)	Nessus	SuSE Local Security Checks	medium
120021	SUSE SLES12 Security Update : php7 (SUSE-SU-2018:1176-1)	Nessus	SuSE Local Security Checks	medium
117672	Tenable SecurityCenter < 5.7.1 Multiple Vulnerabilities (TNS-2018-12)	Nessus	Misc.	high
110928	Debian DSA-4240-1 : php7.0 - security update	Nessus	Debian Local Security Checks	high
110697	Debian DLA-1397-1 : php5 security update	Nessus	Debian Local Security Checks	high
109878	openSUSE Security Update : php5 (openSUSE-2018-465)	Nessus	SuSE Local Security Checks	medium
109871	Slackware 14.0 / 14.1 / 14.2 : php (SSA:2018-136-02)	Nessus	Slackware Local Security Checks	medium
109860	SUSE SLES11 Security Update : php53 (SUSE-SU-2018:1294-1)	Nessus	SuSE Local Security Checks	medium
109812	Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : php5, php7.0, php7.1, php7.2 vulnerabilities (USN-3646-1)	Nessus	Ubuntu Local Security Checks	medium
109714	openSUSE Security Update : php7 (openSUSE-2018-441)	Nessus	SuSE Local Security Checks	medium
109701	Amazon Linux AMI : php56 / php70,php71 (ALAS-2018-1019)	Nessus	Amazon Linux Local Security Checks	medium
109657	Debian DLA-1373-1 : php5 security update	Nessus	Debian Local Security Checks	medium
109579	PHP 7.2.x < 7.2.5 Stack Buffer Overflow	Nessus	CGI abuses	medium
109578	PHP 7.1.x < 7.1.17 Multiple Vulnerabilities	Nessus	CGI abuses	medium
109577	PHP 7.0.x < 7.0.30 Multiple Vulnerabilities	Nessus	CGI abuses	medium
109576	PHP 5.6.x < 5.6.36 Multiple Vulnerabilities	Nessus	CGI abuses	medium
109560	Fedora 26 : php (2018-6071a600e8)	Nessus	Fedora Local Security Checks	medium
109559	Fedora 27 : php (2018-04f6056c42)	Nessus	Fedora Local Security Checks	medium