CVE-2020-7064

MEDIUM

Description

In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash.

References

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html

https://bugs.php.net/bug.php?id=79282

https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html

https://security.netapp.com/advisory/ntap-20200403-0001/

https://usn.ubuntu.com/4330-1/

https://usn.ubuntu.com/4330-2/

https://www.debian.org/security/2020/dsa-4717

https://www.debian.org/security/2020/dsa-4719

https://www.oracle.com/security-alerts/cpujan2021.html

Details

Source: MITRE

Published: 2020-04-01

Updated: 2021-02-03

Type: CWE-125

Risk Information

CVSS v2.0

Base Score: 5.8

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P

Impact Score: 4.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 5.4

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

Impact Score: 2.5

Exploitability Score: 2.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*

Configuration 4

OR

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

Tenable Plugins

View all (25 total)

IDNameProductFamilySeverity
145957CentOS 8 : php:7.3 (CESA-2020:3662)NessusCentOS Local Security Checks
high
140834EulerOS 2.0 SP3 : php (EulerOS-SA-2020-2067)NessusHuawei Local Security Checks
high
140482Oracle Linux 8 : php:7.3 (ELSA-2020-3662)NessusOracle Linux Local Security Checks
high
140396RHEL 8 : php:7.3 (RHSA-2020:3662)NessusRed Hat Local Security Checks
high
138289SUSE SLES12 Security Update : php5 (SUSE-SU-2020:1714-1)NessusSuSE Local Security Checks
medium
138225Debian DSA-4719-1 : php7.3 - security updateNessusDebian Local Security Checks
medium
138106Debian DSA-4717-1 : php7.0 - security updateNessusDebian Local Security Checks
medium
137807EulerOS Virtualization for ARM 64 3.0.6.0 : php (EulerOS-SA-2020-1700)NessusHuawei Local Security Checks
medium
137588SUSE SLES12 Security Update : php72 (SUSE-SU-2020:1546-1)NessusSuSE Local Security Checks
medium
136864EulerOS 2.0 SP8 : php (EulerOS-SA-2020-1586)NessusHuawei Local Security Checks
medium
136629Amazon Linux AMI : php73 (ALAS-2020-1368)NessusAmazon Linux Local Security Checks
medium
136628Amazon Linux AMI : php72 (ALAS-2020-1367)NessusAmazon Linux Local Security Checks
medium
136469SUSE SLED15 / SLES15 Security Update : php7 (SUSE-SU-2020:1199-1)NessusSuSE Local Security Checks
medium
136460openSUSE Security Update : php7 (openSUSE-2020-642)NessusSuSE Local Security Checks
medium
136398Ubuntu 20.04 : php7.4 vulnerabilities (USN-4330-2)NessusUbuntu Local Security Checks
medium
135980Debian DLA-2188-1 : php5 security updateNessusDebian Local Security Checks
medium
135672Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : PHP vulnerabilities (USN-4330-1)NessusUbuntu Local Security Checks
medium
134965GLSA-202003-57 : PHP: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
134962Fedora 30 : php (2020-ce5a2a7403)NessusFedora Local Security Checks
medium
134949PHP 7.2.x < 7.2.29 Multiple VulnerabilitiesNessusCGI abuses
medium
134944PHP 7.3.x < 7.3.16 Multiple VulnerabilitiesNessusCGI abuses
medium
134919Fedora 31 : php (2020-0bf228857a)NessusFedora Local Security Checks
medium
98993PHP 7.2.x < 7.2.29 Multiple VulnerabilitiesWeb Application ScanningComponent Vulnerability
medium
98992PHP 7.3.x < 7.3.16 Multiple VulnerabilitiesWeb Application ScanningComponent Vulnerability
medium
98991PHP 7.4.x < 7.4.4 Multiple VulnerabilitiesWeb Application ScanningComponent Vulnerability
medium