CVE-2014-2383 — DOMPDF Arbitrary File Read

Description

dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input_file parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the input_file parameter.

How to fix CVE-2014-2383

To remediate CVE-2014-2383, upgrade the affected package to a fixed version below.

Debian/php-dompdf—upgrade to 0.6.1+dfsg-2 or later
Packagist/dompdf/dompdf—upgrade to 0.6.1 or later

Is CVE-2014-2383 being exploited?

Likely — EPSS is 54.9%, placing CVE-2014-2383 in the top tier of vulnerabilities by exploitation probability. Prioritise patching.

Affected packages (2)

from 0, < 0.6.1+dfsg-2
>= 0.6.0, < 0.6.1

References (7)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2014-2383
ADVISORYsecurity-tracker.debian.org/tracker/CVE-2014-2383
PATCHgithub.com/dompdf/dompdf
WEBseclists.org/fulldisclosure/2014/Apr/258
WEB