Description

exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free (in exif_read_from_file) because it closes a stream that it is not responsible for closing. The vulnerable code is reachable through the PHP exif_read_data function.

Remediation

References

CVE-2018-12882

Related Vulnerabilities

WordPress Plugin Testimonial Rotator Cross-Site Scripting (3.0.3)

WordPress Plugin MX Time Zone Clocks Cross-Site Scripting (3.4)

IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6024)

WordPress Plugin WP Realtime Sitemap Multiple Unspecified Vulnerabilities (1.5.5)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-9675)

Severity

Critical

Classification

CVE-2018-12882 CWE-416 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities