Lucene search
FreeBSD31B145F2-D9D3-49A9-8023-11CF742205DCHistoryJul 10, 2013 - 12:00 a.m.
PHP5 -- Heap corruption in XML parser
2013-07-1000:00:00
vuxml.freebsd.org
19
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.614 Medium
EPSS
Percentile
97.8%
The PHP development team reports:
ext/xml/xml.c in PHP before 5.3.27 does not properly
consider parsing depth, which allows remote attackers to
cause a denial of service (heap memory corruption) or
possibly have unspecified other impact via a crafted
document that is processed by the xml_parse_into_struct
function.
References
Related
openvas
openvas
CentOS Update for php CESA-2013:1049 centos6
2013-07-16 00:00:00
CentOS Update for php53 CESA-2013:1050 centos5
2013-07-16 00:00:00
RedHat Update for php53 RHSA-2013:1050-01
2013-09-06 00:00:00
f5
f5
K15169 : PHP vulnerability CVE-2013-4113
2015-05-14 00:00:00
SOL15169 - PHP vulnerability CVE-2013-4113
2014-04-14 00:00:00
redhat
redhat
(RHSA-2013:1063) Critical: php security update
2013-07-15 00:00:00
(RHSA-2013:1061) Critical: php security update
2013-07-15 00:00:00
(RHSA-2013:1062) Critical: php53 security update
2013-07-15 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : php (MDVSA-2013:195)
2013-07-14 00:00:00
Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : php (SSA:2013-197-01)
2013-07-17 00:00:00
PHP 5.5.x < 5.5.1 xml.c Buffer Overflow
2013-08-14 00:00:00
centos
centos
php53 security update
2013-07-12 21:36:11
php security update
2013-07-12 21:32:43
prion
prion
Memory corruption
2013-07-13 13:10:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:56:08
amazon
amazon
Critical: php54
2013-07-12 15:56:00
Critical: php
2013-07-12 15:56:00
fedora
fedora
[SECURITY] Fedora 19 Update: php-5.5.0-2.fc19
2013-07-18 06:14:39
[SECURITY] Fedora 18 Update: php-5.4.17-2.fc18
2013-07-23 01:15:46
[SECURITY] Fedora 19 Update: php-5.5.3-1.fc19
2013-08-24 00:05:41
oraclelinux
oraclelinux
php security update
2013-07-12 00:00:00
php security update
2013-07-22 00:00:00
php53 security update
2013-07-12 00:00:00
securityvulns
securityvulns
Re: [ MDVSA-2013:195 ] php
2013-07-16 00:00:00
[ MDVSA-2013:195 ] php
2013-07-15 00:00:00
PHP memory corruption
2013-07-16 00:00:00
debian
debian
[SECURITY] [DSA 2723-1] php5 security update
2013-07-17 20:20:01
mageia
mageia
Updated php packages fix CVE-2013-4113
2013-07-26 15:48:08
Updated php packages fix CVE-2013-4113
2013-07-18 11:11:26
ubuntucve
ubuntucve
CVE-2013-4113
2013-07-12 00:00:00
cve
cve
CVE-2013-4113
2013-07-13 13:10:00
checkpoint_advisories
checkpoint_advisories
PHP xml_parse_into_struct Heap Memory Corruption (CVE-2013-4113)
2013-08-20 00:00:00
slackware
slackware
[slackware-security] php
2013-07-16 23:02:38
ubuntu
ubuntu
PHP vulnerabilities
2013-07-16 00:00:00
suse
suse
Security update for PHP5 (important)
2013-08-09 23:04:13
Security update for PHP5 (important)
2013-08-01 00:04:12
Security update for PHP5 (important)
2013-08-09 23:04:20
gentoo
gentoo
PHP: Multiple vulnerabilities
2014-08-29 00:00:00
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.614 Medium
EPSS
Percentile
97.8%
Related for 31B145F2-D9D3-49A9-8023-11CF742205DC