Cyoung

Name of the Vulnerable Software and Affected Versions: PHP versions prior to 5.6.39 PHP versions 7.0.x prior to 7.0.33 PHP versions 7.1.x prior to 7.1.25 PHP versions 7.2.x prior to 7.2.13 Description: A buffer over-read issue in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This issue is related to the `phar parse pharfile` function in `ext/phar/phar.c`. The vulnerability can be exploited by a remote attacker to gain unauthorized access to protected information. Recommendations: For PHP versions prior to 5.6.39, update to version 5.6.39 or later. For PHP versions 7.0.x prior to 7.0.33, update to version 7.0.33 or later. For PHP versions 7.1.x prior to 7.1.25, update to version 7.1.25 or later. For PHP versions 7.2.x prior to 7.2.13, update to version 7.2.13 or later. As a temporary workaround, consider restricting access to PHAR files until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** PHP versions prior to 5.6.36 PHP versions 7.0.x prior to 7.0.30 PHP versions 7.1.x prior to 7.1.17 PHP versions 7.2.x prior to 7.2.5 **Description** The issue is related to the exif read data function in the PHP interpreter, which is associated with an out-of-bounds read in memory. This can be exploited by a remote attacker to execute arbitrary code or cause a denial of service. The vulnerability is triggered by crafted JPEG data, specifically when a MakerNote lacks a final '0' character, which is mishandled by the exif iif add value function. **Recommendations** For PHP versions prior to 5.6.36, update to version 5.6.36 or later. For PHP versions 7.0.x prior to 7.0.30, update to version 7.0.30 or later. For PHP versions 7.1.x prior to 7.1.17, update to version 7.1.17 or later. For PHP versions 7.2.x prior to 7.2.5, update to version 7.2.5 or later.

**Name of the Vulnerable Software and Affected Versions** PHP versions 7.0.x through 7.0.20 PHP versions 7.1.x through 7.1.6 **Description** The issue is related to a heap use after free while unserializing untrusted data, which can have an unspecified impact on the integrity of PHP. This is due to the `zval get type` function in Zend/zend types.h. Exploitation of this issue may allow a remote attacker to affect data integrity. **Recommendations** For PHP versions 7.0.x through 7.0.20, update to version 7.0.21 or later. For PHP versions 7.1.x through 7.1.6, update to version 7.1.7 or later.

**Name of the Vulnerable Software and Affected Versions** PHP versions prior to 5.6.31 PHP versions 7.0.x prior to 7.0.21 PHP versions 7.1.x prior to 7.1.7 **Description** The issue is related to the `finish nested data` function in the `ext/standard/var unserializer.re` file of the PHP interpreter. It is caused by a buffer over-read operation when unserializing untrusted data. This can allow a remote attacker to have an unspecified impact on the integrity of PHP data. **Recommendations** For PHP versions prior to 5.6.31, update to version 5.6.31 or later. For PHP versions 7.0.x prior to 7.0.21, update to version 7.0.21 or later. For PHP versions 7.1.x prior to 7.1.7, update to version 7.1.7 or later.