PHP vulnerabilities

2020-05-06T00:00:00
ID USN-4330-2
Type ubuntu
Reporter Ubuntu
Modified 2020-05-06T00:00:00

Description

USN-4330-1 fixed vulnerabilities in PHP. This update provides the corresponding
update for Ubuntu 20.04 LTS.

Original advisory details:

It was discovered that PHP incorrectly handled certain EXIF files.
An attacker could possibly use this issue to access sensitive information
or cause a crash. (CVE-2020-7064)

It was discovered that PHP incorrectly handled certain UTF strings.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code. (CVE-2020-7065)

It was discovered that PHP incorrectly handled certain URLs.
An attacker could possibly use this issue to expose sensitive information.
(CVE-2020-7066)