In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string.
Find out more about CVE-2018-7584 from the MITRE-CVE dictionary and NIST NVD
Login may be required to access defects or downloads.
Product Name | Status | Defect | Fixed | Downloads |
---|---|---|---|---|
Linux | ||||
Wind River Linux LTS 17 | Fixed |
LIN10-3553 |
10.17.41.6 |
Wind River Linux LTS 10.17.41.6 Wind River Linux LTS 10.17.41.7 Wind River Linux LTS 10.17.41.8 Wind River Linux LTS 10.17.41.9 Wind River Linux LTS 10.17.41.10 Wind River Linux LTS 10.17.41.11 Wind River Linux LTS 10.17.41.12 Wind River Linux LTS 10.17.41.13 Wind River Linux LTS 10.17.41.14 Wind River Linux LTS 10.17.41.15 Wind River Linux LTS 10.17.41.16 Wind River Linux LTS 10.17.41.17 Wind River Linux LTS 10.17.41.18 Wind River Linux LTS 10.17.41.20 Wind River Linux LTS 10.17.41.21 Wind River Linux LTS 10.17.41.22 Wind River Linux LTS 10.17.41.23 Wind River Linux LTS 10.17.41.24 Wind River Linux LTS 10.17.41.25 Wind River Linux LTS 10.17.41.26 Wind River Linux LTS 10.17.41.27 |
Wind River Linux 8 | Fixed |
LIN8-8900 |
8.0.0.26 | -- |
Wind River Linux 9 | Fixed |
LIN9-6575 |
9.0.0.15 | -- |
Wind River Linux 7 | Fixed | -- | 7.0.0.29 | -- |
Wind River Linux LTS 21 | Not Vulnerable | -- | -- | -- |
Wind River Linux LTS 22 | Not Vulnerable | -- | -- | -- |
Wind River Linux LTS 18 | Not Vulnerable | -- | -- | -- |
Wind River Linux LTS 19 | Not Vulnerable | -- | -- | -- |
Wind River Linux CD release | Not Vulnerable | -- | -- | -- |
Wind River Linux 6 | Fixed | -- | 6.0.0.37 | -- |
Wind River Linux LTS 23 | Not Vulnerable | -- | -- | -- |
VxWorks | ||||
VxWorks 7 | Not Vulnerable | -- | -- | -- |
VxWorks 6.9 | Not Vulnerable | -- | -- | -- |
Helix Virtualization Platform Cert Edition | ||||
Helix Virtualization Platform Cert Edition | Not Vulnerable | -- | -- | -- |
eLxr | ||||
eLxr 12 | Not Vulnerable | -- | -- | -- |
Product Name | Status | Defect | Fixed | Downloads |
---|