- Vulnerability/
- USN-4097-1
USN-4097-1: PHP vulnerabilities
First published: Tue Aug 13 2019(Updated: )
It was discovered that PHP incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2019-11041, CVE-2019-11042)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/libapache2-mod-php7.2 | <7.2.19-0ubuntu0.19.04.2 | 7.2.19-0ubuntu0.19.04.2 |
| Ubuntu Ubuntu | =19.04 | |
| All of | ||
| ubuntu/php7.2-cgi | <7.2.19-0ubuntu0.19.04.2 | 7.2.19-0ubuntu0.19.04.2 |
| Ubuntu Ubuntu | =19.04 | |
| All of | ||
| ubuntu/php7.2-cli | <7.2.19-0ubuntu0.19.04.2 | 7.2.19-0ubuntu0.19.04.2 |
| Ubuntu Ubuntu | =19.04 | |
| All of | ||
| ubuntu/php7.2-fpm | <7.2.19-0ubuntu0.19.04.2 | 7.2.19-0ubuntu0.19.04.2 |
| Ubuntu Ubuntu | =19.04 | |
| All of | ||
| ubuntu/php7.2-xmlrpc | <7.2.19-0ubuntu0.19.04.2 | 7.2.19-0ubuntu0.19.04.2 |
| Ubuntu Ubuntu | =19.04 | |
| All of | ||
| ubuntu/libapache2-mod-php7.2 | <7.2.19-0ubuntu0.18.04.2 | 7.2.19-0ubuntu0.18.04.2 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/php7.2-cgi | <7.2.19-0ubuntu0.18.04.2 | 7.2.19-0ubuntu0.18.04.2 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/php7.2-cli | <7.2.19-0ubuntu0.18.04.2 | 7.2.19-0ubuntu0.18.04.2 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/php7.2-fpm | <7.2.19-0ubuntu0.18.04.2 | 7.2.19-0ubuntu0.18.04.2 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/php7.2-xmlrpc | <7.2.19-0ubuntu0.18.04.2 | 7.2.19-0ubuntu0.18.04.2 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/libapache2-mod-php7.0 | <7.0.33-0ubuntu0.16.04.6 | 7.0.33-0ubuntu0.16.04.6 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/php7.0-cgi | <7.0.33-0ubuntu0.16.04.6 | 7.0.33-0ubuntu0.16.04.6 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/php7.0-cli | <7.0.33-0ubuntu0.16.04.6 | 7.0.33-0ubuntu0.16.04.6 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/php7.0-fpm | <7.0.33-0ubuntu0.16.04.6 | 7.0.33-0ubuntu0.16.04.6 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/php7.0-xmlrpc | <7.0.33-0ubuntu0.16.04.6 | 7.0.33-0ubuntu0.16.04.6 |
| Ubuntu Ubuntu | =16.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2019-11041
- https://ubuntu.com/security/CVE-2019-11042
- https://ubuntu.com/security/notices/USN-4097-2
- https://launchpad.net/ubuntu/+source/php7.2/7.2.19-0ubuntu0.19.04.2
- https://launchpad.net/ubuntu/+source/php7.2/7.2.19-0ubuntu0.18.04.2
- https://launchpad.net/ubuntu/+source/php7.0/7.0.33-0ubuntu0.16.04.6
- https://ubuntu.com/security/notices/USN-4097-1 (Advisory)
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2019-11041 and CVE-2019-11042.
What is the affected software?
The affected software includes libapache2-mod-php7.2, php7.2-cgi, php7.2-cli, php7.2-fpm, and php7.2-xmlrpc.
What is the severity of this vulnerability?
The severity of this vulnerability has not been specified.
How can an attacker exploit this vulnerability?
An attacker could exploit this vulnerability to cause a denial of service or execute arbitrary code.
Is there a fix available for this vulnerability?
Yes, a fix is available for this vulnerability. Refer to the provided references for more information.
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- collector/usn
- source/Ubuntu
- anchor-related/USN-4097-2
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/19.04
- version/ubuntu ubuntu/18.04
- version/ubuntu ubuntu/16.04