CVE-2019-11043
Underflow in PHP-FPM can lead to RCE
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11, in certain configurations of the FPM setup, it is possible to cause the FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
We have discovered 309,685 live websites that are affected by CVE-2019-11043.
Affected Software
| | |
|---|---|
| Product | PHP |
| Category | Programming Languages |
| Vulnerable Versions | from 7.1 before 7.1.33; from 7.2 before 7.2.24; from 7.3 before 7.3.11 |
| Total Vulnerable Versions | 507 |
| Vulnerable Domains | 309,685 live websites (2.56% of PHP install base) |
Common Weakness Enumeration
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Distribution by Website Rank
The diagram provides a graphic representation of the correlation between the occurrence of CVE-2019-11043 and the relative popularity of websites.