7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.177 Low
EPSS
Percentile
96.1%
The bzread function in ext/bz2/bz2.c in PHP before 5.5.38, 5.6.x before
5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of
service (out-of-bounds write) or execute arbitrary code via a crafted bz2
archive.
Author | Note |
---|---|
seth-arnold | PHP position seems to suggest they’ll fix bzread() to ensure it conforms to the documented behaviour but they won’t take any steps to ‘safe’ an improper use of API by applications. Since the API was apparently not honoured before I don’t know how an application could be expected to be correct. |
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.177 Low
EPSS
Percentile
96.1%