K15169: PHP vulnerability CVE-2013-4113

Security Advisory Description ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact via a crafted document that is processed by the xmlparseintostruct...

SUSE SLES11 Security Update : php53 (SUSE-SU-2016:1638-1) (BACKRONYM)

This update for php53 to version 5.3.17 fixes the following issues : These security issues were fixed : - CVE-2016-5093: geticuvalueinternal out-of-bounds read bnc982010. - CVE-2016-5094: Don't create strings with lengths outside int range bnc982011. - CVE-2016-5095: Don't create strings with...

PHP < 5.5.35, 5.6.x < 5.6.21, 7.x < 7.0.6 Multiple Vulnerabilities (Jul 2016) - Windows

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

CVE-2016-4539

The xmlparseintostruct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service buffer under-read and segmentation fault or possibly have unspecified other impact via crafted XML data in the second argument,...

Design/Logic Flaw

The xmlparseintostruct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service buffer under-read and segmentation fault or possibly have unspecified other impact via crafted XML data in the second argument,...

CVE-2016-4539

Removed by vendor...

PHP has an unspecified vulnerability (CNVD-2016-02885)

PHP is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. A security vulnerability in PHP's handling of XML files allows remote attackers to exploit the vulnerability to trigger an xmlparseintostruct segment error...

CVE-2016-4539

The xmlparseintostruct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service buffer under-read and segmentation fault or possibly have unspecified other impact via crafted XML data in the second argument,...

PHP xml_parse_into_struct Heap Memory Corruption (CVE-2013-4113)

A heap memory corruption vulnerability exists in xmlparseintostruct function in PHP...

Ubuntu Update for php5 USN-1905-1

Check for the Version of php5 OpenVAS Vulnerability Test $Id: gbubuntuUSN19051.nasl 8650 2018-02-03 12:16:59Z teissa $ Ubuntu Update for php5 USN-1905-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you...

php: xml_parse_into_struct buffer overflow when parsing deeply nested XML

ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact via a crafted document that is processed by the xmlparseintostruct function...