CVE-2019-11046
Buffer underflow in bc_shift_addsubIn PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying it with string containing characters that are identified as numeric by the OS but aren't ASCII numbers. This can read to disclosure of the content of some memory locations.
We have discovered 571,903 live websites that are affected by CVE-2019-11046.
Contact us to get more info
Affected Software
| |
---|
Product | PHP |
Category | Programming Languages |
Vulnerable Versions | - from 7.2 before 7.2.26
- from 7.3 before 7.3.13
- from 7.4 before 7.4.1
|
Total Vulnerable Versions | 507 |
Vulnerable Domains | 571,903 live websites (4.73% of PHP install base) |
Common Weakness Enumeration
CWE-125 Out-of-bounds Read
Distribution by Website Rank
The diagram provides a graphic representation of the correlation between the occurrence of CVE-2019-11046 and the relative popularity of websites