Lucene search
Ubuntu.comUB:CVE-2013-1824HistorySep 16, 2013 - 12:00 a.m.
CVE-2013-1824
2013-09-1600:00:00
ubuntu.com
ubuntu.com
10
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
52.1%
The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allows remote
attackers to read arbitrary files via a SOAP WSDL file containing an XML
external entity declaration in conjunction with an entity reference,
related to an XML External Entity (XXE) issue in the soap_xmlParseFile and
soap_xmlParseMemory functions.
Notes
| Author | Note |
|---|---|
| mdeslaur | this CVE is for an incomplete fix for CVE-2013-1643. Our CVE-2013-1643 did in fact have the complete fix, so we were not affected by this. |
Related
ubuntucve
ubuntucve
CVE-2013-1643
2013-03-06 00:00:00
cve
cve
CVE-2013-1643
2013-03-06 13:10:00
CVE-2013-1824
2013-09-16 13:02:00
nessus
nessus
PHP 5.4.x < 5.4.13 Information Disclosure
2013-05-24 00:00:00
PHP 5.3.x < 5.3.23 Multiple Vulnerabilities
2013-05-24 00:00:00
PHP 5.4.x < 5.4.12 Information Disclosure
2013-03-04 00:00:00
osv
osv
php5 - several vulnerabilities
2013-03-05 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2639-1)
2013-03-04 00:00:00
F5 BIG-IP - SOAP parser vulnerability CVE-2013-1824
2015-09-19 00:00:00
PHP SOAP Parser Multiple Information Disclosure Vulnerabilities
2013-09-24 00:00:00
seebug
seebug
PHP 'ext/soap/php_xml.c'ไธๅฎๆดไฟฎๅคๅคไธชไปปๆๆไปถๆณ้ฒๆผๆด
2013-09-18 00:00:00
f5
f5
SOL15879 - SOAP parser vulnerability CVE-2013-1824
2014-12-01 00:00:00
K15879 : SOAP parser vulnerability CVE-2013-1824
2015-01-30 00:00:00
K14433 : PHP SOAP vulnerability CVE-2013-1643
2013-09-17 00:00:00
veracode
veracode
XML External Entity (XXE)
2019-05-02 04:52:37
ubuntu
ubuntu
PHP vulnerability
2013-03-13 00:00:00
ptsecurity
ptsecurity
PT-2013-14: XML External Entities Injection in PHP
2013-03-14 00:00:00
debian
debian
[SECURITY] [DSA 2639-1] php5 security update
2013-03-05 17:22:41
securityvulns
securityvulns
PHP securiy vulnerabilities
2013-03-02 00:00:00
[ MDVSA-2013:016 ] php
2013-03-02 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: php-5.4.16-1.fc18
2013-06-20 02:31:36
[SECURITY] Fedora 18 Update: php-5.4.13-1.fc18
2013-04-03 04:40:40
[SECURITY] Fedora 18 Update: php-5.4.17-2.fc18
2013-07-23 01:15:46
slackware
slackware
php
2013-03-23 20:35:59
freebsd
freebsd
php5 -- Multiple vulnerabilities
2013-03-04 00:00:00
redhat
redhat
(RHSA-2013:1615) Moderate: php security, bug fix, and enhancement update
2013-11-21 00:00:00
(RHSA-2013:1814) Critical: php security update
2013-12-11 00:00:00
(RHSA-2013:1307) Moderate: php53 security, bug fix and enhancement update
2013-09-30 16:52:28
centos
centos
php security update
2013-11-26 13:32:36
php security update
2013-12-11 09:34:01
php53 security update
2013-10-07 12:42:03
suse
suse
Security update for PHP5 (important)
2013-08-09 23:04:16
Security update for PHP5 (important)
2013-08-01 00:04:12
Security update for PHP5 (important)
2013-08-09 23:04:20
oraclelinux
oraclelinux
php security, bug fix, and enhancement update
2013-11-25 00:00:00
php security update
2013-12-10 00:00:00
php53 security, bug fix and enhancement update
2013-10-02 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2014-08-29 00:00:00
hackerone
hackerone
Yahoo!: Out of date version
2014-03-30 08:47:50
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
52.1%
Related for UB:CVE-2013-1824