Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2019-11037

In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix() function did not check that the address will be within the allocated array. This could lead to out of bounds write to memory if the function is called with the data controlled by untrusted party.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 77.8%
CVSS Severity
CVSS v3 Score 4.9
CVSS v2 Score 7.5
References
Products affected by CVE-2019-11037
  • Php » Imagick » Version: 3.3.0
    cpe:2.3:a:php:imagick:3.3.0
  • Php » Imagick » Version: 3.4.0
    cpe:2.3:a:php:imagick:3.4.0
  • Php » Imagick » Version: 3.4.1
    cpe:2.3:a:php:imagick:3.4.1
  • Php » Imagick » Version: 3.4.2
    cpe:2.3:a:php:imagick:3.4.2
  • Php » Imagick » Version: 3.4.3
    cpe:2.3:a:php:imagick:3.4.3
  • Php » Imagick » Version: 3.4.4
    cpe:2.3:a:php:imagick:3.4.4


Contact Us

Shodan ® - All rights reserved