mb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full
CVE-2020-7065

7.4HIGH

Key Information:

Vendor: PHP Group
Status: PHP
Vendor: CVE Published:; 1 April 2020

What is CVE-2020-7065?

In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution.

Affected Version(s)

PHP 7.3.x < 7.3.16

PHP 7.4.x < 7.4.4

References

https://usn.ubuntu.com/4330-1/

vendor-advisoryx_refsource_UBUNTU

https://usn.ubuntu.com/4330-2/

vendor-advisoryx_refsource_UBUNTU

https://www.debian.org/security/2020/dsa-4719

vendor-advisoryx_refsource_DEBIAN

EPSS Score

8% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 1, 2020
Vulnerability Reserved
Jan 15, 2020

Credit

anatoly dot trosinenko at gmail dot com

PHP Group

What is CVE-2020-7065?

Affected Version(s)

References

EPSS Score

CVSS V3.1

Timeline

Credit