CVE-2017-7189

{"id": "CVE-2017-7189", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2019-07-10T15:15:11.163", "references": [{"url": "https://bugs.php.net/bug.php?id=74192", "tags": ["Permissions Required", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/php/php-src/commit/bab0b99f376dac9170ac81382a5ed526938d595a", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "main/streams/xp_socket.c in PHP 7.x before 2017-03-07 misparses fsockopen calls, such as by interpreting fsockopen('127.0.0.1:80', 443) as if the address/port were 127.0.0.1:80:443, which is later truncated to 127.0.0.1:80. This behavior has a security risk if the explicitly provided port number (i.e., 443 in this example) is hardcoded into an application as a security policy, but the hostname argument (i.e., 127.0.0.1:80 in this example) is obtained from untrusted input."}, {"lang": "es", "value": "El archivo main/streams/xp_socket.c en PHP versiones 7.x antes del 07-03-2017 analiza inapropiadamente las llamadas fsockopen, como por ejemplo interpretando fsockopen('127.0.0.1:80', 443) como si la direcci\u00f3n y el puerto fuera 127.0.0.1:80:443, que luego se trunca a 127.0.0.1:80. Este comportamiento presenta un riesgo de seguridad si el n\u00famero de puerto proporcionado expl\u00edcitamente (es decir, 443 en este ejemplo) est\u00e1 codificado en una aplicaci\u00f3n como una pol\u00edtica de seguridad, pero el argumento hostname (es decir, 127.0.0.1:80 en este ejemplo) es obtenido de una entrada no segura."}], "lastModified": "2019-07-17T16:39:25.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D46367B-C8BB-4700-A6B8-79A5DAF5EF33", "versionEndExcluding": "7.0.16", "versionStartIncluding": "7.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}