A vulnerability in PHP versions 5.x through 7.1.24 on Windows allows attackers to cause a denial of service through the com_properties_get function of the COM extension. The CVE was published on November 20, 2018, and exploitation can crash the application.
Understanding CVE-2018-19395
This CVE affects PHP versions 5.x through 7.1.24 on Windows and involves a vulnerability in the com_properties_get function in ext/com_dotnet/com_handlers.c.
What is CVE-2018-19395?
The vulnerability in PHP versions 5.x through 7.1.24 on Windows allows attackers to cause a denial of service by exploiting the com_properties_get function.
The Impact of CVE-2018-19395
Exploiting this vulnerability can lead to a denial of service attack, resulting in the application crashing. Attackers can trigger this vulnerability by making a serialize call on COM("WScript.Shell").
Technical Details of CVE-2018-19395
This section provides more technical insights into the vulnerability.
Vulnerability Description
The vulnerability arises because the com_properties_get function in ext/com_dotnet/com_handlers.c returns NULL for com and com_safearray_proxy objects.
Affected Systems and Versions
Exploitation Mechanism
Attackers can exploit this vulnerability by making a serialize call on COM("WScript.Shell").
Mitigation and Prevention
Protecting systems from CVE-2018-19395 involves taking immediate steps and implementing long-term security practices.
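One way to keep the serialize path described above out of reach until the interpreter is upgraded, shown as an added example (not code from this page or from the PHP project): a wrapper that refuses to serialize COM-backed values on builds in the affected range. The function names are hypothetical; VARIANT and com_safearray_proxy are the class names registered by the com_dotnet extension.

```php
<?php
// Added example, not code from the PHP project; function names are hypothetical.

// Affected range as stated on this page: 5.x through 7.1.24 on Windows.
function in_affected_range($version = PHP_VERSION, $os = PHP_OS)
{
    return strtoupper(substr($os, 0, 3)) === 'WIN'
        && version_compare($version, '5.0.0', '>=')
        && version_compare($version, '7.1.24', '<=');
}

// True when $value is, or contains, an object from the com_dotnet extension.
// The COM object itself is never cast or enumerated.
function contains_com_object($value, &$seen = array(), $depth = 0)
{
    if ($depth > 64) {
        return true; // fail closed on very deep or self-referencing arrays
    }
    if (is_object($value)) {
        // COM and DOTNET extend VARIANT; com_safearray_proxy stands alone.
        if ($value instanceof VARIANT
            || strtolower(get_class($value)) === 'com_safearray_proxy') {
            return true;
        }
        $id = spl_object_hash($value);
        if (isset($seen[$id])) {
            return false; // already walked, so object cycles terminate
        }
        $seen[$id] = true;
        $value = (array) $value; // includes private and protected properties
    }
    if (is_array($value)) {
        foreach ($value as $item) {
            if (contains_com_object($item, $seen, $depth + 1)) {
                return true;
            }
        }
    }
    return false;
}

// Wrapper for serialize() that refuses COM-backed values on affected builds.
function guarded_serialize($value)
{
    if (in_affected_range() && contains_com_object($value)) {
        throw new InvalidArgumentException('refusing to serialize a COM object');
    }
    return serialize($value);
}
```

The guard only covers call sites routed through it, so it narrows exposure but does not replace moving off the affected versions.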
Immediate Steps to Take
Long-Term Security Practices
Patching and Updates