Security Bulletin
Summary
IBM API Connect has addressed the following vulnerability.
Vulnerability Details
CVEID: CVE-2019-11035
DESCRIPTION: PHP could allow a remote attacker to obtain sensitive information, caused by heap-based buffer overflow in the exif_iif_add_value function in the EXIF extension. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service condition.
CVSS Base score: 7.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/159896 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H)
CVEID: CVE-2019-9022
DESCRIPTION: PHP could allow a remote attacker to obtain sensitive information, caused by a flaw in the dns_get_record function. By sending a specially-crafted DNS response, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/157969 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID: CVE-2019-11042
DESCRIPTION: PHP could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer overflow in the exif_read_data function. By persuading a victim to open a specially-crafted content, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service condition on the system.
CVSS Base score: 8.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/167296 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H)
CVEID: CVE-2019-9024
DESCRIPTION: PHP could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in xmlrpc_decode() function. By using specially-crafted input, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/157967 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID: CVE-2018-20783
DESCRIPTION: GAIN Electronic SAGA1-L8B could allow a remote attacker to bypass security restrictions, caused by an improper access control flaw. An attacker could exploit this vulnerability to force-pair the device.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/151856 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2019-9640
DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by an invalid read flaw in the exif_process_SOFn method. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/158120 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2019-9023
DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by a number of heap-based buffer over-read instances in mbstring regular expression functions. By sending a specially crafted argument, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/157968 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2019-11036
DESCRIPTION: PHP EXIF extension could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer overflow in the exif_process_IFD_TAG function. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service condition on the system.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/160574 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)
CVEID: CVE-2019-11040
DESCRIPTION: PHP could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer overflow in the exif_read_data function. By persuading a victim to open a specially-crafted content, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service condition on the system.
CVSS Base score: 8.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/161868 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H)
CVEID: CVE-2019-9639
DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by an uninitialized read flaw in the exif_process_IFD_in_MAKERNOTE method. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/158119 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2019-11039
DESCRIPTION: PHP is vulnerable to a denial of service, caused by an out-of-bounds read in the _php_iconv_mime_decode function in iconv.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash or obtain sensitive information.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/161867 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)
CVEID: CVE-2019-11038
DESCRIPTION: PHP could allow a remote attacker to obtain sensitive information, caused by an uninitialized read in the gdImageCreateFromXbm function. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/161866 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2019-9638
DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by an uninitialized read flaw in the exif_process_IFD_in_MAKERNOTE method. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/158118 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2019-11041
DESCRIPTION: PHP could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer overflow in the exif_read_data function. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service condition on the system.
CVSS Base score: 8.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/167295 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H)
CVEID: CVE-2019-11034
DESCRIPTION: PHP could allow a remote attacker to obtain sensitive information, caused by heap-based buffer overflow in the exif_process_IFD_TAG function in the EXIF extension. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service condition.
CVSS Base score: 7.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/159895 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H)
CVEID: CVE-2019-9021
DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by a heap-based buffer over-read in PHAR reading functions in the PHAR extension. By sending a specially crafted argument, an attacker could exploit this vulnerability to read allocated or unallocated memory past the actual data and execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/157974 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2019-9020
DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by a heap out of bounds read in the function xmlrpc_decode(). An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/157975 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2019-9637
DESCRIPTION: PHP could allow a remote attacker to obtain sensitive information, caused by a flaw in the implementation of rename function. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/158117 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2019-6977
DESCRIPTION: LibGD is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by gd_color_match.c. By persuading a victim to open a specially-crafted image data, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/156217 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
DESCRIPTION: PHP could allow a remote attacker to obtain sensitive information, caused by heap-based buffer overflow in the exif_iif_add_value function in the EXIF extension. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service condition.
CVSS Base score: 7.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/159896 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H)
CVEID: CVE-2019-9022
DESCRIPTION: PHP could allow a remote attacker to obtain sensitive information, caused by a flaw in the dns_get_record function. By sending a specially-crafted DNS response, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/157969 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID: CVE-2019-11042
DESCRIPTION: PHP could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer overflow in the exif_read_data function. By persuading a victim to open a specially-crafted content, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service condition on the system.
CVSS Base score: 8.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/167296 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H)
CVEID: CVE-2019-9024
DESCRIPTION: PHP could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in xmlrpc_decode() function. By using specially-crafted input, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/157967 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID: CVE-2018-20783
DESCRIPTION: GAIN Electronic SAGA1-L8B could allow a remote attacker to bypass security restrictions, caused by an improper access control flaw. An attacker could exploit this vulnerability to force-pair the device.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/151856 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2019-9640
DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by an invalid read flaw in the exif_process_SOFn method. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/158120 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2019-9023
DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by a number of heap-based buffer over-read instances in mbstring regular expression functions. By sending a specially crafted argument, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/157968 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2019-11036
DESCRIPTION: PHP EXIF extension could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer overflow in the exif_process_IFD_TAG function. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service condition on the system.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/160574 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)
CVEID: CVE-2019-11040
DESCRIPTION: PHP could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer overflow in the exif_read_data function. By persuading a victim to open a specially-crafted content, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service condition on the system.
CVSS Base score: 8.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/161868 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H)
CVEID: CVE-2019-9639
DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by an uninitialized read flaw in the exif_process_IFD_in_MAKERNOTE method. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/158119 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2019-11039
DESCRIPTION: PHP is vulnerable to a denial of service, caused by an out-of-bounds read in the _php_iconv_mime_decode function in iconv.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash or obtain sensitive information.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/161867 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)
CVEID: CVE-2019-11038
DESCRIPTION: PHP could allow a remote attacker to obtain sensitive information, caused by an uninitialized read in the gdImageCreateFromXbm function. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/161866 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2019-9638
DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by an uninitialized read flaw in the exif_process_IFD_in_MAKERNOTE method. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/158118 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2019-11041
DESCRIPTION: PHP could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer overflow in the exif_read_data function. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service condition on the system.
CVSS Base score: 8.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/167295 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H)
CVEID: CVE-2019-11034
DESCRIPTION: PHP could allow a remote attacker to obtain sensitive information, caused by heap-based buffer overflow in the exif_process_IFD_TAG function in the EXIF extension. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service condition.
CVSS Base score: 7.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/159895 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H)
CVEID: CVE-2019-9021
DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by a heap-based buffer over-read in PHAR reading functions in the PHAR extension. By sending a specially crafted argument, an attacker could exploit this vulnerability to read allocated or unallocated memory past the actual data and execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/157974 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2019-9020
DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by a heap out of bounds read in the function xmlrpc_decode(). An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/157975 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2019-9637
DESCRIPTION: PHP could allow a remote attacker to obtain sensitive information, caused by a flaw in the implementation of rename function. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/158117 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2019-6977
DESCRIPTION: LibGD is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by gd_color_match.c. By persuading a victim to open a specially-crafted image data, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/156217 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Affected Products and Versions
| Affected Product(s) | Version(s) |
| API Connect | IBM API Connect V2018.4.1.0-2018.4.1.9iFix1 |
Remediation/Fixes
| Affected releases | Fixed in VRMF | APAR | Remediation / First Fix |
|---|---|---|---|
| IBM API Connect V2018.1-2018.4.1.9iFix1 | v2018.4.1.10 |
LI81270 |
Addressed in IBM API Connect v2018.4.1.10.
Developer Portal is impacted.
Follow this link and find the "Portal" package appropriate for your installation. |
Workarounds and Mitigations
None
Get Notified about Future Security Bulletins
References
Off
Change History
02 March 2020: Initial Publication
*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.
Disclaimer
Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.
Document Location
Worldwide
[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSMNED","label":"IBM API Connect"},"Component":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"2018.1-2018.4.1.9iFix1","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
Product Synonym
APIC;API Connect; API Connect Developer Portal;
Was this topic helpful?
Document Information
Modified date:
02 March 2020
UID
ibm13143907