CVE-2019-9023HIGH
Description
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstring/oniguruma/regcomp.c, ext/mbstring/oniguruma/regexec.c, ext/mbstring/oniguruma/regparse.c, ext/mbstring/oniguruma/enc/unicode.c, and ext/mbstring/oniguruma/src/utf32_be.c when a multibyte regular expression pattern contains invalid multibyte sequences.
References
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html
http://www.securityfocus.com/bid/107156
https://access.redhat.com/errata/RHSA-2019:2519
https://access.redhat.com/errata/RHSA-2019:3299
https://bugs.php.net/bug.php?id=77370
https://bugs.php.net/bug.php?id=77371
https://bugs.php.net/bug.php?id=77381
https://bugs.php.net/bug.php?id=77382
https://bugs.php.net/bug.php?id=77385
https://bugs.php.net/bug.php?id=77394
https://bugs.php.net/bug.php?id=77418
https://security.netapp.com/advisory/ntap-20190321-0001/
https://support.f5.com/csp/article/K06372014
https://usn.ubuntu.com/3902-1/
Details
Source: MITRE
Published: 2019-02-22
Updated: 2019-06-18
Type: CWE-125
Risk Information
CVSS v2.0
Base Score: 7.5
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 10
Severity: HIGH
CVSS v3.0
Base Score: 9.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 3.9
Severity: CRITICAL
Vulnerable Software
Configuration 1
OR
cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
Configuration 2
OR
Configuration 3
OR
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
Configuration 4
OR
Configuration 5
OR
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 145814 | CentOS 8 : php:7.2 (CESA-2020:1624) | Nessus | CentOS Local Security Checks | high |
| 136057 | RHEL 8 : php:7.2 (RHSA-2020:1624) | Nessus | Red Hat Local Security Checks | high |
| 126035 | openSUSE Security Update : php7 (openSUSE-2019-1573) | Nessus | SuSE Local Security Checks | high |
| 126034 | openSUSE Security Update : php7 (openSUSE-2019-1572) | Nessus | SuSE Local Security Checks | high |
| 125850 | SUSE SLED15 / SLES15 Security Update : php7 (SUSE-SU-2019:1461-1) | Nessus | SuSE Local Security Checks | high |
| 124998 | EulerOS Virtualization 3.0.1.0 : php (EulerOS-SA-2019-1545) | Nessus | Huawei Local Security Checks | critical |
| 124905 | EulerOS Virtualization for ARM 64 3.0.1.0 : php (EulerOS-SA-2019-1402) | Nessus | Huawei Local Security Checks | high |
| 124401 | openSUSE Security Update : php7 (openSUSE-2019-1293) | Nessus | SuSE Local Security Checks | high |
| 124263 | openSUSE Security Update : php5 (openSUSE-2019-1256) | Nessus | SuSE Local Security Checks | high |
| 124190 | SUSE SLES12 Security Update : php5 (SUSE-SU-2019:0985-1) | Nessus | SuSE Local Security Checks | high |
| 123826 | SUSE SLES11 Security Update : php53 (SUSE-SU-2019:14013-1) | Nessus | SuSE Local Security Checks | high |
| 123732 | EulerOS Virtualization 2.5.3 : php (EulerOS-SA-2019-1264) | Nessus | Huawei Local Security Checks | high |
| 123620 | EulerOS 2.0 SP5 : php (EulerOS-SA-2019-1146) | Nessus | Huawei Local Security Checks | high |
| 123594 | EulerOS 2.0 SP2 : php (EulerOS-SA-2019-1120) | Nessus | Huawei Local Security Checks | high |
| 123113 | EulerOS 2.0 SP3 : php (EulerOS-SA-2019-1100) | Nessus | Huawei Local Security Checks | high |
| 98245 | PHP 5.6.x < 5.6.40 Multiple vulnerabilities | Web Application Scanning | Component Vulnerability | high |
| 98244 | PHP 7.1.x < 7.1.26 Multiple vulnerabilities | Web Application Scanning | Component Vulnerability | high |
| 98243 | PHP 7.2.x < 7.2.14 Multiple vulnerabilities | Web Application Scanning | Component Vulnerability | high |
| 98242 | PHP 7.3.x < 7.3.1 Multiple vulnerabilities | Web Application Scanning | Component Vulnerability | high |
| 122667 | Ubuntu 14.04 LTS / 16.04 LTS : php5, php7.0 vulnerabilities (USN-3902-1) | Nessus | Ubuntu Local Security Checks | high |
| 122517 | Debian DSA-4398-1 : php7.0 - security update | Nessus | Debian Local Security Checks | high |
| 121602 | PHP 5.6.x < 5.6.40 Multiple vulnerabilities. | Nessus | CGI abuses | high |
| 121510 | PHP 7.1.x < 7.1.26 Multiple vulnerabilities. | Nessus | CGI abuses | high |
| 121475 | PHP 7.3.x < 7.3.1 Multiple vulnerabilities. | Nessus | CGI abuses | high |
| 121353 | PHP 7.2.x < 7.2.14 Multiple vulnerabilities. | Nessus | CGI abuses | high |