CVE-2019-9675

An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phar_tar_writeheaders_int in ext/phar/tar.c has a buffer overflow via a long link value. NOTE: The vendor indicates that the link value is used only when an archive contains a symlink, which currently cannot happen: "This issue allows theoretical compromise of security, but a practical attack is usually impossible.

Published: Mar 11, 2019
Updated: Nov 8, 2023
CVE: CVE-2019-9675
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.1
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
php / php	7.3.0	7.3.3
php / php	7.0.0	7.1.27
canonical / ubuntu_linux	14.04	14.04.x
canonical / ubuntu_linux	12.04	12.04.x
opensuse / leap	42.3	42.3.x

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html
http://php.net/ChangeLog-7.php
https://bugs.php.net/bug.php?id=77586
https://usn.ubuntu.com/3922-2/
https://usn.ubuntu.com/3922-3/

Vulnerability Database

289,697

CVE-2019-9675