Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-111242
HistoryNov 07, 2019 - 12:00 a.m.

PHP CVE-2019-11050 Denial of Service Vulnerability

2019-11-0700:00:00
Symantec Security Response
www.symantec.com
58
JSON

Description

PHP is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause denial-of-service condition. PHP versions prior to 7.4.1 are vulnerable.

Technologies Affected

  • PHP PHP 7.0.0
  • PHP PHP 7.0.1
  • PHP PHP 7.0.10
  • PHP PHP 7.0.11
  • PHP PHP 7.0.12
  • PHP PHP 7.0.13
  • PHP PHP 7.0.14
  • PHP PHP 7.0.15
  • PHP PHP 7.0.16
  • PHP PHP 7.0.17
  • PHP PHP 7.0.2
  • PHP PHP 7.0.21
  • PHP PHP 7.0.22
  • PHP PHP 7.0.25
  • PHP PHP 7.0.26
  • PHP PHP 7.0.27
  • PHP PHP 7.0.29
  • PHP PHP 7.0.3
  • PHP PHP 7.0.30
  • PHP PHP 7.0.31
  • PHP PHP 7.0.33
  • PHP PHP 7.0.4
  • PHP PHP 7.0.5
  • PHP PHP 7.0.6
  • PHP PHP 7.0.7
  • PHP PHP 7.0.8
  • PHP PHP 7.0.9
  • PHP PHP 7.1
  • PHP PHP 7.1.0
  • PHP PHP 7.1.1
  • PHP PHP 7.1.11
  • PHP PHP 7.1.12
  • PHP PHP 7.1.13
  • PHP PHP 7.1.14
  • PHP PHP 7.1.16
  • PHP PHP 7.1.17
  • PHP PHP 7.1.2
  • PHP PHP 7.1.20
  • PHP PHP 7.1.24
  • PHP PHP 7.1.25
  • PHP PHP 7.1.26
  • PHP PHP 7.1.27
  • PHP PHP 7.1.28
  • PHP PHP 7.1.29
  • PHP PHP 7.1.3
  • PHP PHP 7.1.30
  • PHP PHP 7.1.4
  • PHP PHP 7.1.5
  • PHP PHP 7.1.6
  • PHP PHP 7.1.7
  • PHP PHP 7.1.8
  • PHP PHP 7.1.9
  • PHP PHP 7.2
  • PHP PHP 7.2.0
  • PHP PHP 7.2.1
  • PHP PHP 7.2.12
  • PHP PHP 7.2.13
  • PHP PHP 7.2.14
  • PHP PHP 7.2.16
  • PHP PHP 7.2.17
  • PHP PHP 7.2.18
  • PHP PHP 7.2.19
  • PHP PHP 7.2.2
  • PHP PHP 7.2.25
  • PHP PHP 7.2.3
  • PHP PHP 7.2.4
  • PHP PHP 7.2.5
  • PHP PHP 7.2.6
  • PHP PHP 7.2.7
  • PHP PHP 7.2.8
  • PHP PHP 7.3.0
  • PHP PHP 7.3.1
  • PHP PHP 7.3.10
  • PHP PHP 7.3.11
  • PHP PHP 7.3.12
  • PHP PHP 7.3.2
  • PHP PHP 7.3.3
  • PHP PHP 7.3.4
  • PHP PHP 7.3.5
  • PHP PHP 7.3.6
  • PHP PHP 7.3.7
  • PHP PHP 7.3.8
  • PHP PHP 7.3.9
  • PHP PHP 7.4.0

Recommendations

Block external access at the network boundary, unless external parties require service.
If global access isn’t needed, filter access to the affected computer at the network boundary. Restricting access to If global access isn’t needed, filter access to the affected computer at the network boundary.

Run all software as a nonprivileged user with minimal access rights.
To limit the consequences of a successful exploit, run server processes within a restricted environment using facilities such as chroot or jail.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This may indicate exploit attempts or activity that results from successful exploits.

Updates are available. Please see the references or vendor advisory for more information.

References

Related

cve 1
alpinelinux 1
prion 1
ubuntucve 1
veracode 1
redhatcve 1
debiancve 1
f5 1
altlinux 4
nessus 38
openvas 15
suse 1
osv 5
ubuntu 1
debian 3
mageia 1
fedora 2
amazon 3
redhat 2
oraclelinux 1
almalinux 1
rocky 1
cve
cve
CVE-2019-11050
2019-12-23 03:15:00
alpinelinux
alpinelinux
CVE-2019-11050
2019-12-23 03:15:00
prion
prion
Information disclosure
2019-12-23 03:15:00
ubuntucve
ubuntucve
CVE-2019-11050
2019-12-23 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-12-02 09:50:08
redhatcve
redhatcve
CVE-2019-11050
2020-01-20 15:51:02
debiancve
debiancve
CVE-2019-11050
2019-12-23 03:15:00
f5
f5
K50301222 : PHP EXIF extension vulnerabilities CVE-2019-11047 and CVE-2019-11050
2020-01-22 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package php7 version 7.2.26-alt1
2019-12-20 00:00:00
Security fix for the ALT Linux 10 package php8.0 version 7.3.13-alt1
2019-12-20 00:00:00
Security fix for the ALT Linux 10 package php8.1 version 7.3.13-alt1
2019-12-20 00:00:00
nessus
nessus
Ubuntu 16.04 LTS / 18.04 LTS : PHP vulnerabilities (USN-4239-1)
2020-01-16 00:00:00
Debian DLA-2050-1 : php5 security update
2019-12-30 00:00:00
SUSE SLED15 / SLES15 Security Update : php7 (SUSE-SU-2020:0101-1)
2020-01-15 00:00:00
openvas
openvas
Debian LTS: Security Advisory for php5 (DLA-2050-1)
2019-12-30 00:00:00
PHP < 7.2.26 Multiple Vulnerabilities - Dec19 (Linux)
2019-12-19 00:00:00
openSUSE: Security Advisory for php7 (openSUSE-SU-2020:0080_1)
2020-01-27 00:00:00
suse
suse
Security update for php7 (moderate)
2020-01-20 00:00:00
osv
osv
php5 - security update
2019-12-29 00:00:00
php7.0 - security update
2020-02-18 00:00:00
php7.3 - security update
2020-02-17 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2020-01-15 00:00:00
debian
debian
[SECURITY] [DLA 2050-1] php5 security update
2019-12-29 22:47:12
[SECURITY] [DSA 4628-1] php7.0 security update
2020-02-18 22:00:11
[SECURITY] [DSA 4626-1] php7.3 security update
2020-02-17 20:39:09
mageia
mageia
Updated php packages fix security vulnerabilities
2019-12-25 22:08:41
fedora
fedora
[SECURITY] Fedora 31 Update: php-7.3.13-1.fc31
2020-01-05 00:42:40
[SECURITY] Fedora 30 Update: php-7.3.13-1.fc30
2020-01-03 20:36:41
amazon
amazon
Medium: php72, php73
2020-02-04 22:42:00
Important: php73
2024-02-01 19:33:00
Important: php72
2024-02-14 20:03:00
redhat
redhat
(RHSA-2020:5275) Moderate: rh-php73-php security, bug fix, and enhancement update
2020-12-01 11:15:07
(RHSA-2020:3662) Moderate: php:7.3 security, bug fix, and enhancement update
2020-09-08 08:38:31
oraclelinux
oraclelinux
php:7.3 security, bug fix, and enhancement update
2020-09-09 00:00:00
almalinux
almalinux
Moderate: php:7.3 security, bug fix, and enhancement update
2020-09-08 08:38:31
rocky
rocky
php:7.3 security, bug fix, and enhancement update
2020-09-08 08:38:31
JSON
Related for SMNTC-111242
cve1alpinelinux1prion1ubuntucve1veracode1redhatcve1debiancve1f51altlinux4nessus38openvas15suse1osv5ubuntu1debian3mageia1fedora2amazon3redhat2oraclelinux1almalinux1rocky1