CVE-2019-11044— link() silently truncates after a null byte on Windows
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2019-11044
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
link() silently truncates after a null byte on Windows
Source: NVD (National Vulnerability Database)
Vulnerability Description
In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Windows, PHP link() function accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
不恰当的空终结符
Source: NVD (National Vulnerability Database)
Vulnerability Title
PHP 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
PHP(PHP:Hypertext Preprocessor,PHP:超文本预处理器)是PHPGroup和开放源代码社区的共同维护的一种开源的通用计算机脚本语言。该语言主要用于Web开发,支持多种数据库及操作系统。 PHP 7.2.26之前的7.2.x版本、7.3.13之前的7.3.x版本和7.4.0版本中存在安全漏洞,该漏洞源于‘link’函数会在字符处截断文件名称。攻击者可借助特制文件名利用该漏洞绕过安全限制。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2019-11044
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2019-11044
请登录查看更多情报信息。
- https://security.netapp.com/advisory/ntap-20200103-0002/x_refsource_CONFIRM
- https://www.tenable.com/security/tns-2021-14x_refsource_CONFIRM
- https://bugs.php.net/bug.php?id=78862x_refsource_MISC
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N7GCOAE6KVHYJ3UQ4KLPLTGSLX6IRVRN/vendor-advisoryx_refsource_FEDORA
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRQPYXVG43Q7DXMXH6UVWMKWGUW552F/vendor-advisoryx_refsource_FEDORA
- https://nvd.nist.gov/vuln/detail/CVE-2019-11044
Same Patch Batch · PHP Group · 2019-12-23 · 6 CVEs total
| CVE-2019-11049 | 6.5 MEDIUM | mail() may release string with refcount==1 twice |
| CVE-2019-11047 | 4.8 MEDIUM | Heap-buffer-overflow READ in exif |
| CVE-2019-11050 | 4.8 MEDIUM | Use-after-free in exif parsing under memory sanitizer |
| CVE-2019-11045 | 3.7 LOW | DirectoryIterator class silently truncates after a null byte |
| CVE-2019-11046 | 3.7 LOW | Buffer underflow in bc_shift_addsub |
IV. Related Vulnerabilities
Same product: PHP
Same vendor: PHP Group
Same weakness: CWE-170
- CVE-2026-34032
Apache HTTP Server: mod_proxy_ajp: Heap Buffer Over-Read Due - CVE-2026-40334
libgphoto2 missing null termination in ptp_unpack_Canon_FE() - CVE-2026-33948
jq: Embedded-NUL Truncation in CLI JSON Input Path Causes Pr - CVE-2026-2239
Gimp: gimp: application crash (dos) via crafted psd file due - CVE-2026-32837
mackron / miniaudio Out-of-Bounds Read in BEXT Coding Histor
V. Comments for CVE-2019-11044
No comments yet