Vulnerability CVE-2014-2020

Vulnerability Name:

CVE-2014-2020 (CCN-91731)

Assigned:

2014-02-18

Published:

2014-02-18

Updated:

2014-03-08

Summary:

ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which might allow remote attackers to obtain sensitive information by using a (1) string or (2) array data type in place of a numeric data type, as demonstrated by an imagecrop function call with a string for the x dimension value, a different vulnerability than CVE-2013-7226.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

CWE-189

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2014-2020

Source: CCN
Type: BID-65676
PHP 'ext/gd/gd.c' Information Disclosure Vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-2126-1

Source: CCN
Type: PHP Web site
PHP

Source: CONFIRM
Type: Vendor Advisory
https://bugs.php.net/bug.php?id=66356

Source: CCN
Type: Red Hat Bugzilla Bug 1065108
CVE-2013-7226 CVE-2013-7327 CVE-2013-7328 CVE-2014-2020 php: multiple vulnerabilities in gdImageCrop()

Source: XF
Type: UNKNOWN
php-cve20142020-info-disc(91731)

Source: CONFIRM
Type: Vendor Advisory
https://github.com/php/php-src/commit/2938329ce19cb8c4197dec146c3ec887c6f61d01

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2014-2020

Vulnerable Configuration:

Configuration 1:

cpe:/a:php:php:5.5.0:alpha1:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha2:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha3:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha4:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha5:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha6:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:beta1:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:beta2:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:beta3:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:beta4:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:rc1:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:rc2:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.1:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.2:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.3:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.4:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.5:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.6:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.7:-:*:*:*:*:*:*

OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version <= 5.5.8)

Configuration CCN 1:

cpe:/a:php:php:5.5.0:rc2:*:*:*:*:*:*