Vulnerability Name:

CVE-2018-14883 (CCN-147895)

Assigned: 2018-07-19
Published: 2018-07-19
Updated: 2020-08-24
Summary: An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c.
CVSS v3 Severity: 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): High
7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): High
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Complete
Vulnerability Type: CWE-190 (Integer Overflow or Wraparound)
CWE-125 (Out-of-bounds Read)
Vulnerability Consequences: Gain Access
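The summary describes the bug class only: an integer overflow in a length check (CWE-190) that lets a thumbnail reference run past the end of the heap buffer holding the image (CWE-125). The following C program is an added illustration of that pattern and its hardened form; it is not PHP's exif.c and not the upstream fix. The function names, the 32-bit width of the offset/size fields and the 64-byte sample image are assumptions made for this example.

```c
/*
 * Added illustration (not PHP's exif.c): an "offset + size <= length"
 * bounds check that wraps in 32-bit arithmetic (CWE-190) and therefore
 * accepts a thumbnail reference that lies outside the buffer (CWE-125),
 * next to a check that validates each operand without adding them.
 * All names and the sample image below are constructed for this example.
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Vulnerable pattern: the sum is computed in 32 bits and wraps, so
 * offset=0xFFFFFFF0, size=0x20 yields end=0x10, which passes "<= length".
 * Returns 1 when the reference is accepted, 0 when rejected. */
int thumbnail_check_vulnerable(uint32_t offset, uint32_t size, uint32_t length)
{
    uint32_t end = offset + size;   /* CWE-190: may wrap around */
    return end <= length;
}

/* Hardened pattern: validate each operand against what is left of the
 * buffer instead of adding them, so nothing can wrap. */
int thumbnail_check_hardened(uint32_t offset, uint32_t size, uint32_t length)
{
    if (size == 0 || offset >= length)
        return 0;
    return size <= length - offset;  /* length - offset cannot underflow here */
}

/* Exact answer, computed in 64 bits: does [offset, offset+size) leave a
 * buffer of `length` bytes? Shows what the wrapped check misses. */
int thumbnail_would_overread(uint32_t offset, uint32_t size, uint32_t length)
{
    return (uint64_t)offset + size > length;
}

/* Extraction built on the hardened check: copies the thumbnail bytes out
 * of the in-memory image and returns the byte count, or -1 if rejected. */
long extract_thumbnail_safe(const unsigned char *img, uint32_t length,
                            uint32_t offset, uint32_t size,
                            unsigned char *out, size_t out_cap)
{
    if (!thumbnail_check_hardened(offset, size, length) || size > out_cap)
        return -1;
    memcpy(out, img + offset, size);
    return (long)size;
}

/* Constructed 64-byte "image": zeros with a fake 16-byte thumbnail whose
 * first two bytes are the JPEG SOI marker, placed at offset 48. Returns
 * the result of extract_thumbnail_safe for the given reference. */
long demo_extract(uint32_t offset, uint32_t size)
{
    unsigned char img[64] = {0};
    unsigned char out[64];
    img[48] = 0xFF;
    img[49] = 0xD8;
    return extract_thumbnail_safe(img, sizeof img, offset, size, out, sizeof out);
}

int main(void)
{
    const uint32_t len = 64;
    uint32_t off = 0xFFFFFFF0u, sz = 0x20u;   /* off + sz wraps to 0x10 */
    printf("wrapping reference: vulnerable check accepts=%d, hardened accepts=%d, "
           "really over-reads=%d\n",
           thumbnail_check_vulnerable(off, sz, len),
           thumbnail_check_hardened(off, sz, len),
           thumbnail_would_overread(off, sz, len));
    printf("valid reference (48,16): copied %ld bytes\n", demo_extract(48, 16));
    printf("reference past EOF (60,16): result %ld\n", demo_extract(60, 16));
    return 0;
}
```

The practical point is the shape of the check, not the exact values: any time two attacker-controlled field widths are added before being compared with a buffer length, the comparison has to be rewritten as a subtraction against the remaining length (or done in a wider type) so that the sum cannot wrap. The wrapped reference in the demo is the kind of input that turns a parsing bug into the availability impact (crash) the CVSS vector above records.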
References:
Source: MITRE
Type: CNA
CVE-2018-14883

Source: CONFIRM
Type: Vendor Advisory
http://php.net/ChangeLog-5.php

Source: CCN
Type: PHP Web site
Version 7.2.8

Source: CONFIRM
Type: Vendor Advisory
http://php.net/ChangeLog-7.php

Source: CCN
Type: IBM Security Bulletin 737331 (Lotus Protector for Mail Security)
IBM Lotus Protector for Mail Security has released fixes in response to the public disclosed vulnerability found by vFinder (CVE-2018-14883 and CVE-2018-14851)

Source: CCN
Type: IBM Security Bulletin 870684 (Flex System Chassis Management Module (CMM))
IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in PHP (CVE-2018-17082 CVE-2018-14883 CVE-2018-14851 CVE-2017-9118)

Source: BID
Type: Third Party Advisory, VDB Entry
104871

Source: CCN
Type: BID-104871
PHP Multiple Heap Buffer Overflow Vulnerabilities

Source: CONFIRM
Type: Exploit, Issue Tracking, Patch, Vendor Advisory
https://bugs.php.net/bug.php?id=76423

Source: XF
Type: UNKNOWN
php-cve201814883-bo(147895)

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20180901 [SECURITY] [DLA 1490-1] php5 security update

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20181107-0003/

Source: UBUNTU
Type: Third Party Advisory
USN-3766-1

Source: UBUNTU
Type: Third Party Advisory
USN-3766-2

Source: DEBIAN
Type: Third Party Advisory
DSA-4353

Source: CONFIRM
Type: Third Party Advisory
https://www.tenable.com/security/tns-2018-12

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:php:php:*:*:*:*:*:*:*:* (Version < 5.6.37)
  • OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version >= 7.0.0 and < 7.0.31)
  • OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version >= 7.1.0 and < 7.1.20)
  • OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version >= 7.2.0 and < 7.2.8)

Configuration 2:
  • cpe:/o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

Configuration 3:
  • cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 4:
  • cpe:/a:netapp:storage_automation_store:-:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:php:php:7.2.7:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:7.1.19:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:7.0.30:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.6.36:*:*:*:*:*:*:*
  AND
  • cpe:/a:ibm:lotus_protector:2.8.1:*:*:*:mail_security:*:*:*
  • OR cpe:/a:ibm:lotus_protector:2.8.3:*:*:*:mail_security:*:*:*

* Denotes that component is vulnerable
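A triage helper for the ranges in Configuration 1, added here as an example and not taken from the page or from PHP: it parses a version string (a bare "7.2.7" or the first line of `php -v`) and reports whether it falls inside the listed vulnerable ranges. The function names and the way pre-release or packaging suffixes are skipped are assumptions of this example. One caveat the ranges alone do not capture: distributions backport the fix without changing the upstream version number (the Debian DSA-4353 and Ubuntu USN-3766-1/USN-3766-2 advisories under References are examples), so a "vulnerable" answer from a version-number check on a distro package must be confirmed against the package changelog or the distro's OVAL data, not treated as final.

```c
/*
 * Added triage helper (not from the page or from PHP): decides whether a
 * PHP version string lies inside the vulnerable ranges of Configuration 1
 * for CVE-2018-14883. Names and suffix handling are assumptions made
 * for this example.
 */
#include <stdio.h>
#include <string.h>

typedef struct { int major, minor, patch; } PhpVersion;

/* Parses "7.2.7", "7.2.7-1ubuntu0.1" or "PHP 7.2.7 (cli) (built: ...)":
 * skips a non-digit prefix and reads the first X.Y.Z triple.
 * Returns 1 on success, 0 if no triple is found. */
int php_version_parse(const char *s, PhpVersion *v)
{
    const char *p = s;
    while (*p && (*p < '0' || *p > '9'))
        p++;                                   /* skip "PHP " and the like */
    if (sscanf(p, "%d.%d.%d", &v->major, &v->minor, &v->patch) != 3)
        return 0;
    return v->major >= 0 && v->minor >= 0 && v->patch >= 0;
}

/* 1 if v is strictly older than maj.min.pat. */
static int before(const PhpVersion *v, int maj, int min, int pat)
{
    if (v->major != maj) return v->major < maj;
    if (v->minor != min) return v->minor < min;
    return v->patch < pat;
}

/* 1 = inside the ranges listed in Configuration 1 (affected), 0 = fixed
 * release or a branch not listed (e.g. 7.3). Distro backports keep the old
 * upstream number and are NOT detected here. */
int php_affected_cve_2018_14883(const PhpVersion *v)
{
    if (before(v, 5, 6, 37)) return 1;                        /* < 5.6.37   */
    if (v->major == 7 && v->minor == 0) return before(v, 7, 0, 31);  /* 7.0.x */
    if (v->major == 7 && v->minor == 1) return before(v, 7, 1, 20);  /* 7.1.x */
    if (v->major == 7 && v->minor == 2) return before(v, 7, 2, 8);   /* 7.2.x */
    return 0;
}

/* Convenience wrapper for a raw string: 1 affected, 0 not affected,
 * -1 if the string does not contain a parseable X.Y.Z version. */
int php_version_string_affected(const char *s)
{
    PhpVersion v;
    if (!php_version_parse(s, &v))
        return -1;
    return php_affected_cve_2018_14883(&v);
}

int main(int argc, char **argv)
{
    /* Constructed sample inputs; pass the first line of `php -v` as argv[1]
     * to check a real installation. */
    const char *samples[] = {
        "PHP 7.2.7 (cli) (built: Jun 20 2018)", "7.2.8",
        "5.6.36", "5.6.37", "7.1.19", "7.1.20", "7.0.30", "7.0.31", "7.3.0"
    };
    size_t i, n = sizeof samples / sizeof samples[0];
    for (i = 0; i < n; i++)
        printf("%-40s -> %d\n", samples[i], php_version_string_affected(samples[i]));
    if (argc > 1)
        printf("%-40s -> %d\n", argv[1], php_version_string_affected(argv[1]));
    return 0;
}
```

The result codes are deliberately three-valued: an unparseable input returns -1 rather than 0 so that a scanner never reports "not affected" merely because it failed to read the version.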
Oval Definitions (Class: V = vulnerability definition, P = patch definition)
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:201814883 | V | CVE-2018-14883 | 2022-05-20
oval:org.opensuse.security:def:32233 | P | Security update for the Linux Kernel (Important) | 2021-12-06
oval:org.opensuse.security:def:30159 | P | Security update for mozilla-nss (Important) | 2021-12-06
oval:org.opensuse.security:def:29456 | P | Security update for the Linux Kernel (Important) | 2021-12-06
oval:org.opensuse.security:def:34585 | P | Security update for systemd (Moderate) | 2021-11-04
oval:org.opensuse.security:def:33037 | P | Security update for tomcat (Important) | 2021-11-03
oval:org.opensuse.security:def:29439 | P | Security update for opensc (Important) | 2021-10-29
oval:org.opensuse.security:def:30138 | P | Security update for strongswan (Important) | 2021-10-19
oval:org.opensuse.security:def:30248 | P | Security update for ghostscript (Critical) | 2021-09-21
oval:org.opensuse.security:def:35266 | P | Security update for grilo (Important) | 2021-09-09
oval:org.opensuse.security:def:33963 | P | Security update for openssl-1_1 (Important) | 2021-08-24
oval:org.opensuse.security:def:33952 | P | Security update for libsndfile (Critical) | 2021-08-05
oval:org.opensuse.security:def:33951 | P | Security update for webkit2gtk3 (Important) | 2021-08-03
oval:org.opensuse.security:def:31230 | P | Security update for linuxptp (Important) | 2021-07-21
oval:org.opensuse.security:def:29400 | P | Security update for systemd (Important) | 2021-07-21
oval:org.opensuse.security:def:32942 | P | Security update for ucode-intel (Important) | 2021-06-10
oval:org.opensuse.security:def:36324 | P | x3270-3.3.12-517.12.34 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:36282 | P | python-pywbem-0.7-6.22.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:34427 | P | Security update for libxml2 (Moderate) | 2021-05-05
oval:org.opensuse.security:def:29351 | P | Security update for MozillaFirefox (Important) | 2021-04-27
oval:org.opensuse.security:def:30175 | P | Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP2) (Important) | 2021-04-12
oval:org.opensuse.security:def:31143 | P | Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important) | 2021-04-07
oval:org.opensuse.security:def:34047 | P | Security update for tomcat (Important) | 2021-03-30
oval:org.opensuse.security:def:32272 | P | Security update for python (Moderate) | 2021-03-16
oval:org.opensuse.security:def:33094 | P | Security update for apache2 (Moderate) | 2021-03-12
oval:org.opensuse.security:def:34643 | P | Security update for python-cryptography (Important) | 2021-03-02
oval:org.opensuse.security:def:30027 | P | Security update for java-1_7_1-ibm (Important) | 2021-02-18
oval:org.opensuse.security:def:28918 | P | Security update for java-1_7_1-ibm (Moderate) | 2021-01-04
oval:org.opensuse.security:def:34338 | P | Security update for xen (Moderate) | 2020-12-18
oval:org.opensuse.security:def:29953 | P | Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP2) (Important) | 2020-12-07
oval:org.opensuse.security:def:31086 | P | Security update for mutt (Important) | 2020-12-07
oval:org.opensuse.security:def:35644 | P | tar-1.20-23.23.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:35600 | P | librpcsecgss-0.18-1.15 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:35573 | P | kernel-default-2.6.32.12-0.7.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:35534 | P | curl-7.19.0-11.24.25 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:29297 | P | Security update for python-setuptools (Important) | 2020-12-02
oval:org.opensuse.security:def:28718 | P | Security update for kdebase4-runtime | 2020-12-01
oval:org.opensuse.security:def:30688 | P | Security update for LibVNCServer (Important) | 2020-12-01
oval:org.opensuse.security:def:28707 | P | Security update for gtk2 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:34281 | P | Security update for python (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30649 | P | Security update for MozillaFirefox | 2020-12-01
oval:org.opensuse.security:def:28706 | P | Security update for gstreamer-0_10-plugins-bad | 2020-12-01
oval:org.opensuse.security:def:34183 | P | Security update for openswan | 2020-12-01
oval:org.opensuse.security:def:30600 | P | Security update for PostgreSQL | 2020-12-01
oval:org.opensuse.security:def:30545 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:30391 | P | Security update for xen (Important) | 2020-12-01
oval:org.opensuse.security:def:30305 | P | Security update for system-config-printer (Moderate) | 2020-12-01
oval:org.opensuse.security:def:35485 | P | Security update for php53 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:35426 | P | Security update for openssl1 (Important) | 2020-12-01
oval:org.opensuse.security:def:31595 | P | Security update for tiff (Moderate) | 2020-12-01
oval:org.opensuse.security:def:31551 | P | Security update for shim | 2020-12-01
oval:org.opensuse.security:def:35176 | P | Security update for kvm (Important) | 2020-12-01
oval:org.opensuse.security:def:31530 | P | Security update for samba (Important) | 2020-12-01
oval:org.opensuse.security:def:29942 | P | Security update for liblouis (Moderate) | 2020-12-01
oval:org.opensuse.security:def:35119 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:31491 | P | Security update for Python | 2020-12-01
oval:org.opensuse.security:def:28348 | P | Security update for php53 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29941 | P | Security update for openLDAP | 2020-12-01
oval:org.opensuse.security:def:35018 | P | Security update for grub2 (Important) | 2020-12-01
oval:org.opensuse.security:def:31442 | P | Security update for policycoreutils (Low) | 2020-12-01
oval:org.opensuse.security:def:28313 | P | Security update for openssl (Important) | 2020-12-01
oval:org.opensuse.security:def:34882 | P | Security update for curl (Moderate) | 2020-12-01
oval:org.opensuse.security:def:31386 | P | Security update for openvpn-openssl1 (Important) | 2020-12-01
oval:org.opensuse.security:def:27675 | P | Security update for telepathy-gabble | 2020-12-01
oval:org.opensuse.security:def:34798 | P | Security update for ansible (Moderate) | 2020-12-01
oval:org.opensuse.security:def:27631 | P | Security update for Samba | 2020-12-01
oval:org.opensuse.security:def:34787 | P | Security update for OpenEXR (Moderate) | 2020-12-01
oval:org.opensuse.security:def:27617 | P | Security update for freetype2 | 2020-12-01
oval:org.opensuse.security:def:34227 | P | Security update for php5 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:34786 | P | Security update for OpenEXR (Moderate) | 2020-12-01
oval:org.opensuse.security:def:27578 | P | wireshark on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:34187 | P | Security update for openvpn (Important) | 2020-12-01
oval:org.opensuse.security:def:30994 | P | Security update for jasper (Moderate) | 2020-12-01
oval:org.opensuse.security:def:27529 | P | osc on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:33549 | P | Security update for ImageMagick (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30862 | P | Security update for ed (Low) | 2020-12-01
oval:org.opensuse.security:def:27476 | P | libreadline5 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:33505 | P | Security update for open-iscsi | 2020-12-01
oval:org.opensuse.security:def:30788 | P | Security update for bind (Important) | 2020-12-01
oval:org.opensuse.security:def:27325 | P | xen on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:33482 | P | Security update for OpenSC | 2020-12-01
oval:org.opensuse.security:def:30777 | P | Security update for axis (Moderate) | 2020-12-01
oval:org.opensuse.security:def:27241 | P | mono-core on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:33443 | P | Security update for fetchmail | 2020-12-01
oval:org.opensuse.security:def:30776 | P | Security update for axis (Moderate) | 2020-12-01
oval:org.opensuse.security:def:27184 | P | libfreebl3 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:33394 | P | Security update for SUSE Manager Client Tools (Moderate) | 2020-12-01
oval:org.opensuse.security:def:27103 | P | curl on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:33337 | P | Security update for openssl1 | 2020-12-01
oval:org.opensuse.security:def:29500 | P | Security update for ImageMagick (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26975 | P | libtiff3 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:33181 | P | libsnmp15-32bit on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26911 | P | gstreamer-0_10-plugins-good on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:35479 | P | Security update for php53 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26900 | P | fvwm2 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:35438 | P | Security update for openvpn-openssl1 (Important) | 2020-12-01
oval:org.opensuse.security:def:26899 | P | fuse on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:34800 | P | Security update for ant (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32807 | P | xen on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:34756 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:32728 | P | libqt4-sql-mysql on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29145 | P | Security update for kvm (Important) | 2020-12-01
oval:org.opensuse.security:def:34731 | P | Security update for ImageMagick (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32717 | P | libmusicbrainz4 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29061 | P | Security update for bind (Important) | 2020-12-01
oval:org.opensuse.security:def:34692 | P | Security update for xorg-x11-libX11 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:31427 | P | Security update for php53 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32716 | P | libltdl7 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29004 | P | Security update for conntrack-tools (Moderate) | 2020-12-01
oval:org.opensuse.security:def:31389 | P | Security update for orca (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30751 | P | Security update for apache2 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28787 | P | Security update for Mozilla NSS | 2020-12-01
oval:org.opensuse.security:def:30707 | P | Security update for MozillaFirefox (Moderate) | 2020-12-01
oval:com.ubuntu.bionic:def:201814883000 | V | CVE-2018-14883 on Ubuntu 18.04 LTS (bionic) - medium. | 2018-08-03
oval:com.ubuntu.bionic:def:2018148830000000 | V | CVE-2018-14883 on Ubuntu 18.04 LTS (bionic) - medium. | 2018-08-03
oval:com.ubuntu.trusty:def:201814883000 | V | CVE-2018-14883 on Ubuntu 14.04 LTS (trusty) - medium. | 2018-08-03
oval:com.ubuntu.xenial:def:2018148830000000 | V | CVE-2018-14883 on Ubuntu 16.04 LTS (xenial) - medium. | 2018-08-03
oval:com.ubuntu.xenial:def:201814883000 | V | CVE-2018-14883 on Ubuntu 16.04 LTS (xenial) - medium. | 2018-08-03