Unrated severityNVD Advisory· Published May 3, 2019· Updated Sep 16, 2024
Out of bounds memory write in PHP Imagick extension
CVE-2019-11037
Description
In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix() function did not check that the address will be within the allocated array. This could lead to out of bounds write to memory if the function is called with the data controlled by untrusted party.
Affected products
1- Range: 3.4.4
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- lists.opensuse.org/opensuse-security-announce/2020-01/msg00016.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MQ7WJA25YF2R2LRALK4QEYWUHHJPSUD/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BU66V7QJKD32RXLY5J7Z5NZH4V3VV524/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FME5ZG7DDYWUPPHTTAFJB5OFFCPXYHPS/mitrevendor-advisoryx_refsource_FEDORA
- security.gentoo.org/glsa/202003-38mitrevendor-advisoryx_refsource_GENTOO
- usn.ubuntu.com/4586-1/mitrevendor-advisoryx_refsource_UBUNTU
- www.debian.org/security/2019/dsa-4576mitrevendor-advisoryx_refsource_DEBIAN
- www.securityfocus.com/bid/108292mitrevdb-entryx_refsource_BID
- bugs.php.net/bug.phpmitrex_refsource_MISC
- github.com/CVEProject/cvelist/pull/1964mitrex_refsource_MISC
- seclists.org/bugtraq/2019/Nov/39mitremailing-listx_refsource_BUGTRAQ
News mentions
0No linked articles in our index yet.