CVE-2020-7060
global buffer-overflow in mbfl_filt_conv_big5_wcharWhen using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.
We have discovered 585,899 live websites that are affected by CVE-2020-7060.
Contact us to get more info
Affected Software
| |
---|
Product | PHP |
Category | Programming Languages |
Vulnerable Versions | - from 7.2 before 7.2.27
- from 7.3 before 7.3.14
- from 7.4 before 7.4.2
|
Total Vulnerable Versions | 507 |
Vulnerable Domains | 585,899 live websites (4.84% of PHP install base) |
Common Weakness Enumeration
CWE-125 Out-of-bounds Read
Distribution by Website Rank
The diagram provides a graphic representation of the correlation between the occurrence of CVE-2020-7060 and the relative popularity of websites