CVE-2020-7062 | Zend by Perforce

NULL pointer dereference in PHP session upload progress

Publication Date	2020-02-04
Severity	Moderate
Type	Denial of Service
Affected PHP Versions	5.6.0 - 5.6.40 7.0.0 - 7.0.33 7.1.0 - 7.1.33 7.2.0 - 7.2.27 7.3.0 - 7.3.14 7.4.0 - 7.4.2
Fixed Product Versions	ZendPHP 5.6 ZendPHP 7.1 ZendPHP 7.2 ZendPHP 7.3 ZendPHP 7.4 ZendServer 2019.0.4

CVE Details

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15, and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled) and the file upload fails, the upload procedure would try to clean up data that does not exist and encounter a null pointer dereference, which would likely lead to a crash.

Recommendations

Set the session.upload_progress.cleanup INI value to 1 (enabled).

When possible, upgrade to 7.2.28 or above, 7.3.15 or above, or 7.4.3 or above.

< View all CVEs