9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.951 High
EPSS
Percentile
99.3%
PHP reports:
Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined columns)
Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and unserialize()).
Fixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary write/read access).
Fixed bug #72519 (imagegif/output out-of-bounds access).
Fixed bug #72520 (Stack-based buffer overflow vulnerability in php_stream_zip_opener).
Fixed bug #72533 (locale_accept_from_http out-of-bounds access).
Fixed bug #72541 (size_t overflow lead to heap corruption).
Fixed bug #72551, bug #72552 (Incorrect casting from size_t to int lead to heap overflow in mdecrypt_generic).
Fixed bug #72558 (Integer overflow error within _gdContributionsAlloc()).
Fixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP libraries and applications).
Fixed bug #72603 (Out of bound read in exif_process_IFD_in_MAKERNOTE).
Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn simplestring.c).
Fixed bug #72613 (Inadequate error handling in bzread()).
Fixed bug #72618 (NULL Pointer Dereference in exif_process_user_comment).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | php55 | < 5.5.38 | UNKNOWN |
FreeBSD | any | noarch | php56 | < 5.6.24 | UNKNOWN |
FreeBSD | any | noarch | php70 | < 7.0.9 | UNKNOWN |
FreeBSD | any | noarch | php70-curl | < 7.0.9 | UNKNOWN |
FreeBSD | any | noarch | php55-bz2 | < 5.5.38 | UNKNOWN |
FreeBSD | any | noarch | php56-bz2 | < 5.6.24 | UNKNOWN |
FreeBSD | any | noarch | php70-bz2 | < 7.0.9 | UNKNOWN |
FreeBSD | any | noarch | php55-exif | < 5.5.38 | UNKNOWN |
FreeBSD | any | noarch | php56-exif | < 5.6.24 | UNKNOWN |
FreeBSD | any | noarch | php70-exif | < 7.0.9 | UNKNOWN |
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.951 High
EPSS
Percentile
99.3%