CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
55.1%
main/streams/xp_socket.c in PHP 7.x before 2017-03-07 misparses fsockopen
calls, such as by interpreting fsockopen(‘127.0.0.1:80’, 443) as if the
address/port were 127.0.0.1:80:443, which is later truncated to
127.0.0.1:80. This behavior has a security risk if the explicitly provided
port number (i.e., 443 in this example) is hardcoded into an application as
a security policy, but the hostname argument (i.e., 127.0.0.1:80 in this
example) is obtained from untrusted input.
Author | Note |
---|---|
mdeslaur | the commit for this was later reverted as it introduced a regression. As of 2020-06-23, there is no upstream fix. |
rodrigo-zaiden | As of 2022-02-04, there is still no upstream fix. |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
55.1%