CVE-2019-11049

In PHP versions 7.3.x below 7.3.13 and 7.4.0 on Windows, when supplying custom headers to mail() function, due to mistake introduced in commit 78f4b4a2dcf92ddbccea1bb95f8390a18ac3342e, if the header is supplied in lowercase, this can result in double-freeing certain memory locations.

Published: Dec 23, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-11049
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-415

Affected Software
References

Software	From	Fixed in
php / php	7.3.0	7.3.13.x
php / php	7.4.0	7.4.0.x
fedoraproject / fedora	30	30.x
fedoraproject / fedora	31	31.x
debian / debian_linux	10.0	10.0.x
tenable / securitycenter	-	5.19.0

https://bugs.php.net/bug.php?id=78943
https://lists.fedoraproject.org/archives/list/[email protected]/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/
https://lists.fedoraproject.org/archives/list/[email protected]/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/
https://seclists.org/bugtraq/2020/Feb/27
https://security.netapp.com/advisory/ntap-20200103-0002/
https://www.debian.org/security/2020/dsa-4626
https://www.tenable.com/security/tns-2021-14

Vulnerability Database

289,697

CVE-2019-11049