CVE-2013-3735

🗓️ 31 May 2013 21:00:00Reported by mitreType

The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, allowing context-dependent attackers to cause a denial of service via a crafted function definition

Reporter	Title	Published	Views	Family All 13
ATTACKERKB	CVE-2013-3735	31 May 201321:55	–	attackerkb
Circl	CVE-2013-3735	16 Jan 202520:55	–	circl
Cvelist	CVE-2013-3735	31 May 201321:00	–	cvelist
F5 Networks	K000150232: Multiple PHP vulnerabilities	4 Mar 202522:37	–	f5
Tenable Nessus	GLSA-201408-11 : PHP: Multiple vulnerabilities	30 Aug 201400:00	–	nessus
Gentoo Linux	PHP: Multiple vulnerabilities	29 Aug 201400:00	–	gentoo
NVD	CVE-2013-3735	31 May 201321:55	–	nvd
OpenVAS	Gentoo Security Advisory GLSA 201408-11	29 Sep 201500:00	–	openvas
Prion	Code injection	31 May 201321:55	–	prion
Positive Technologies	PT-2013-1337 · Php · Php	31 May 201300:00	–	ptsecurity

NVD

Node

php phpRange≤5.4.15rc1

php phpMatch5.4.0

php phpMatch5.4.1

php phpMatch5.4.2

php phpMatch5.4.3

php phpMatch5.4.4

php phpMatch5.4.5

php phpMatch5.4.6

php phpMatch5.4.7

php phpMatch5.4.8

php phpMatch5.4.9

php phpMatch5.4.10

php phpMatch5.4.11

php phpMatch5.4.12

php phpMatch5.4.12rc1

php phpMatch5.4.12rc2

php phpMatch5.4.13

php phpMatch5.4.13rc1

php phpMatch5.4.14

php phpMatch5.4.14rc1

Node

php phpRange≤5.5.0rc1

php phpMatch5.5.0alpha1

php phpMatch5.5.0alpha2

php phpMatch5.5.0alpha3

php phpMatch5.5.0alpha4

php phpMatch5.5.0alpha5

php phpMatch5.5.0alpha6

php phpMatch5.5.0beta1

php phpMatch5.5.0beta2

php phpMatch5.5.0beta3

php phpMatch5.5.0beta4

Source	Link
github	www.github.com/php/php-src/blob/php-5.5.0RC2/NEWS
github	www.github.com/php/php-src/commit/fb58e69a84f4fde603a630d2c9df2fa3be16d846
github	www.github.com/php/php-src/blob/php-5.4.16RC1/NEWS
bugs	www.bugs.php.net/bug.php

29 Apr 2026 01:13Current

6.6Medium risk

Vulners AI Score6.6

CVSS 25

CVSS 3.17.5

EPSS0.00706

CWE-20