CVE-2020-7067

Advisory lineage Upstream: 0 Downstream: 5
Modified
Published: 27 Apr 2020, 20:38
Last modified:17 Sept 2024, 02:21

Vulnerability Summary

Overall Risk (default)
medium
42/100
CVSS Score
7.5 HIGH
v3.1 (cve.org)
EPSS Score
8.99% LOW
9% probability -0.99%
KEV
Not listed
Ransomware
No reports
Public exploits
1 found
Dark Web
Not detected

Timeline

27 Apr 2020, 20:38
Published
Vulnerability first disclosed
17 Sept 2024, 02:21
Last Modified
Vulnerability information updated

Description

In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.

CVSS Metrics

  • v3.1HIGHScore: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • v2.0MEDIUMScore: 5AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS Trends

Current EPSS score: 8.99% Percentile: 93%

Techniques & Countermeasures

  • CWE-125Out-of-bounds Read

    The product reads data past the end, or before the beginning, of the intended buffer.

  • CWE-196Unsigned to Signed Conversion Error

    The product uses an unsigned primitive and performs a cast to a signed primitive, which can produce an unexpected value if the value of the unsigned primitive can not be represented using a signed primitive.

Affected Systems

  • debiandebian_linux

    9.0 | 10.0

  • oraclecommunications_diameter_signaling_router

    ≥ 8.0.0.0, ≤ 8.4.0.5

  • UnknownPHP

    7.2.x below 7.2.30 | 7.3.x below 7.3.17 and 7.4.x below 7.4.5

  • UnknownPHP

    ≥ 7.2.0, < 7.2.30 | ≥ 7.3.0, < 7.3.17 | ≥ 7.4.0, < 7.4.5

  • tenabletenable.sc

    < 5.19.0

References (7)