Buffer Overflow Vulnerability in PHP 7.3.x

Buffer Overflow Vulnerability in PHP 7.3.x

CVE-2019-9025 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

An issue was discovered in PHP 7.3.x before 7.3.1. An invalid multibyte string supplied as an argument to the mb_split() function in ext/mbstring/php_mbregex.c can cause PHP to execute memcpy() with a negative argument, which could read and write past buffers allocated for the data.

Learn more about our Web Application Penetration Testing UK.