Lucene search

K
ubuntuUbuntuUSN-2055-1
HistoryDec 12, 2013 - 12:00 a.m.

PHP vulnerabilities

2013-12-1200:00:00
ubuntu.com
75

10 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.95 High

EPSS

Percentile

99.3%

Releases

  • Ubuntu 13.10
  • Ubuntu 13.04
  • Ubuntu 12.10
  • Ubuntu 12.04
  • Ubuntu 10.04

Packages

  • php5 - HTML-embedded scripting language interpreter

Details

Stefan Esser discovered that PHP incorrectly parsed certificates. An
attacker could use a malformed certificate to cause PHP to crash, resulting
in a denial of service, or possibly execute arbitrary code. (CVE-2013-6420)

It was discovered that PHP incorrectly handled DateInterval objects. An
attacker could use this issue to cause PHP to crash, resulting in a denial
of service. (CVE-2013-6712)

OSVersionArchitecturePackageVersionFilename
Ubuntu13.10noarchphp5-cli< 5.5.3+dfsg-1ubuntu2.1UNKNOWN
Ubuntu13.10noarchlibapache2-mod-php5< 5.5.3+dfsg-1ubuntu2.1UNKNOWN
Ubuntu13.10noarchlibapache2-mod-php5filter< 5.5.3+dfsg-1ubuntu2.1UNKNOWN
Ubuntu13.10noarchlibphp5-embed< 5.5.3+dfsg-1ubuntu2.1UNKNOWN
Ubuntu13.10noarchphp5-cgi< 5.5.3+dfsg-1ubuntu2.1UNKNOWN
Ubuntu13.10noarchphp5-common< 5.5.3+dfsg-1ubuntu2.1UNKNOWN
Ubuntu13.10noarchphp5-curl< 5.5.3+dfsg-1ubuntu2.1UNKNOWN
Ubuntu13.10noarchphp5-dbg< 5.5.3+dfsg-1ubuntu2.1UNKNOWN
Ubuntu13.10noarchphp5-dev< 5.5.3+dfsg-1ubuntu2.1UNKNOWN
Ubuntu13.10noarchphp5-enchant< 5.5.3+dfsg-1ubuntu2.1UNKNOWN
Rows per page:
1-10 of 1321

10 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.95 High

EPSS

Percentile

99.3%