vulnerability
Oracle Solaris 11: CVE-2019-11046: Vulnerability in PHP
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | Dec 23, 2019 | Jan 19, 2021 | Dec 22, 2022 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Dec 23, 2019
Added
Jan 19, 2021
Modified
Dec 22, 2022
Description
In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying it with string containing characters that are identified as numeric by the OS but aren't ASCII numbers. This can read to disclosure of the content of some memory locations.
Solution
oracle-solaris-11-4-upgrade-web-php-73-7-3-14-11-4-19-0-1-2-0

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.