CVE-2019-11049 Information
Share on:Description
In PHP versions 7.3.x below 7.3.13 and 7.4.0 on Windows when supplying custom headers to mail() function due to mistake introduced in commit 78f4b4a2dcf92ddbccea1bb95f8390a18ac3342e if the header is supplied in lowercase this can result in double-freeing certain memory locations.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Reference
https://bugs.php.net/bug.php?id=78943 https://lists.fedoraproject.org/archives/list/[email protected]/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/ https://lists.fedoraproject.org/archives/list/[email protected]/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/ https://seclists.org/bugtraq/2020/Feb/27 https://security.netapp.com/advisory/ntap-20200103-0002/ https://www.debian.org/security/2020/dsa-4626
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
9.8