ID CVE-2013-4113
Summary ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct function.
References
Vulnerable Configurations
  • PHP 5.3.26
    cpe:2.3:a:php:php:5.3.26
  • PHP 5.3.25
    cpe:2.3:a:php:php:5.3.25
  • PHP 5.3.24
    cpe:2.3:a:php:php:5.3.24
  • PHP 5.3.23
    cpe:2.3:a:php:php:5.3.23
  • PHP 5.3.22
    cpe:2.3:a:php:php:5.3.22
  • PHP 5.3.12
    cpe:2.3:a:php:php:5.3.12
  • PHP 5.3.14
    cpe:2.3:a:php:php:5.3.14
  • PHP 5.3.16
    cpe:2.3:a:php:php:5.3.16
  • PHP 5.3.8
    cpe:2.3:a:php:php:5.3.8
  • PHP 5.3.11
    cpe:2.3:a:php:php:5.3.11
  • PHP 5.3.15
    cpe:2.3:a:php:php:5.3.15
  • PHP 5.3.4
    cpe:2.3:a:php:php:5.3.4
  • PHP 5.3.19
    cpe:2.3:a:php:php:5.3.19
  • PHP 5.3.18
    cpe:2.3:a:php:php:5.3.18
  • PHP 5.3.21
    cpe:2.3:a:php:php:5.3.21
  • PHP 5.3.17
    cpe:2.3:a:php:php:5.3.17
  • PHP 5.3.3
    cpe:2.3:a:php:php:5.3.3
  • PHP 5.3.20
    cpe:2.3:a:php:php:5.3.20
  • PHP 5.3.0
    cpe:2.3:a:php:php:5.3.0
  • PHP 5.3.1
    cpe:2.3:a:php:php:5.3.1
  • PHP 5.3.7
    cpe:2.3:a:php:php:5.3.7
  • PHP 5.3.6
    cpe:2.3:a:php:php:5.3.6
  • PHP 5.3.5
    cpe:2.3:a:php:php:5.3.5
  • PHP 5.3.9
    cpe:2.3:a:php:php:5.3.9
  • PHP 5.3.13
    cpe:2.3:a:php:php:5.3.13
  • PHP 5.3.2
    cpe:2.3:a:php:php:5.3.2
  • PHP 5.3.10
    cpe:2.3:a:php:php:5.3.10
CVSS
Base: 6.8 (as of 15-07-2013 - 11:31)
Impact:
Exploitability:
CWE CWE-119
CAPEC
  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
  • Overflow Binary Resource File
    An attack of this type exploits a buffer overflow vulnerability in the handling of binary resources. Binary resources may include music files like MP3, image files like JPEG files, and any other binary file. These attacks may pass unnoticed to the client machine through normal usage of files, such as a browser loading a seemingly innocent JPEG file. This can allow the attacker access to the execution stack and execute arbitrary code in the target process. This attack pattern is a variant of standard buffer overflow attacks using an unexpected vector (binary files) to wrap its attack and open up a new attack vector. The attacker is required to either directly serve the binary content to the victim, or place it in a locale like a MP3 sharing application, for the victim to download. The attacker then is notified upon the download or otherwise locates the vulnerability opened up by the buffer overflow.
  • Buffer Overflow via Symbolic Links
    This type of attack leverages the use of symbolic links to cause buffer overflows. An attacker can try to create or manipulate a symbolic link file such that its contents result in out of bounds data. When the target software processes the symbolic link file, it could potentially overflow internal buffers with insufficient bounds checking.
  • Overflow Variables and Tags
    This type of attack leverages the use of tags or variables from a formatted configuration data to cause buffer overflow. The attacker crafts a malicious HTML page or configuration file that includes oversized strings, thus causing an overflow.
  • Buffer Overflow via Parameter Expansion
    In this attack, the target software is given input that the attacker knows will be modified and expanded in size during processing. This attack relies on the target software failing to anticipate that the expanded data may exceed some internal limit, thereby creating a buffer overflow.
  • Buffer Overflow in an API Call
    This attack targets libraries or shared code modules which are vulnerable to buffer overflow attacks. An attacker who has access to an API may try to embed malicious code in the API function call and exploit a buffer overflow vulnerability in the function's implementation. All clients that make use of the code library thus become vulnerable by association. This has a very broad effect on security across a system, usually affecting more than one software process.
  • Buffer Overflow in Local Command-Line Utilities
    This attack targets command-line utilities available in a number of shells. An attacker can leverage a vulnerability found in a command-line utility to escalate privilege to root.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2013-1316-1.NASL
    description The following security issues have been fixed : - CVE-2013-4635 (bnc#828020): - Integer overflow in SdnToJewish() - CVE-2013-4113 (bnc#829207): - heap corruption due to badly formed xml Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-31
    plugin id 83598
    published 2015-05-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=83598
    title SUSE SLES11 Security Update : PHP5 (SUSE-SU-2013:1316-1)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2013-604.NASL
    description - fixing the following security issues : - CVE-2013-4635.patch (bnc#828020) : - Integer overflow in the SdnToJewish - CVE-2013-1635.patch and CVE-2013-1643.patch (bnc#807707) : - reading system files via untrusted SOAP input - soap.wsdl_cache_dir function did not honour PHP open_basedir - CVE-2013-4113.patch (bnc#829207) : - heap corruption due to badly formed xml
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75096
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75096
    title openSUSE Security Update : php5 (openSUSE-SU-2013:1244-1)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201408-11.NASL
    description The remote host is affected by the vulnerability described in GLSA-201408-11 (PHP: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker can cause arbitrary code execution, create a Denial of Service condition, read or write arbitrary files, impersonate other servers, hijack a web session, or have other unspecified impact. Additionally, a local attacker could gain escalated privileges. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 77455
    published 2014-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77455
    title GLSA-201408-11 : PHP: Multiple vulnerabilities
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_9_2.NASL
    description The remote host is running a version of Mac OS X 10.9.x that is prior to 10.9.2. This update contains several security-related fixes for the following components : - Apache - ATS - Certificate Trust Policy - CoreAnimation - CoreText - curl - Data Security - Date and Time - File Bookmark - Finder - ImageIO - NVIDIA Drivers - PHP - QuickLook - QuickTime Note that successful exploitation of the most serious issues could result in arbitrary code execution.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 72687
    published 2014-02-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72687
    title Mac OS X 10.9.x < 10.9.2 Multiple Vulnerabilities
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1905-1.NASL
    description It was discovered that PHP incorrectly handled the xml_parse_into_struct function. If a PHP application parsed untrusted XML, an attacker could use this flaw with a specially crafted XML document to cause PHP to crash, resulting in a denial of service, or to possibly execute arbitrary code. (CVE-2013-4113) It was discovered that PHP incorrectly handled the jdtojewish function. An attacker could use this flaw to cause PHP to crash, resulting in a denial of service. (CVE-2013-4635). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 68923
    published 2013-07-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68923
    title Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 : php5 vulnerabilities (USN-1905-1)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2014-001.NASL
    description The remote host is running a version of Mac OS X 10.7 or 10.8 that does not have Security Update 2014-001 applied. This update contains several security-related fixes for the following components : - Apache - App Sandbox - ATS - Certificate Trust Policy - CFNetwork Cookies - CoreAnimation - Date and Time - File Bookmark - ImageIO - IOSerialFamily - LaunchServices - NVIDIA Drivers - PHP - QuickLook - QuickTime - Secure Transport Note that successful exploitation of the most serious issues could result in arbitrary code execution.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 72688
    published 2014-02-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72688
    title Mac OS X Multiple Vulnerabilities (Security Update 2014-001) (BEAST)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-1061.NASL
    description Updated php packages that fix one security issue are now available for Red Hat Enterprise Linux 5.3 Long Life, and Red Hat Enterprise Linux 5.6, 6.2 and 6.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running the PHP interpreter. (CVE-2013-4113) All php users should upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-07-26
    plugin id 79287
    published 2014-11-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79287
    title RHEL 5 / 6 : php (RHSA-2013:1061)
  • NASL family CGI abuses
    NASL id PHP_5_3_27.NASL
    description According to its banner, the version of PHP 5.3.x installed on the remote host is prior to 5.3.27. It is, therefore, potentially affected by the following vulnerabilities: - A buffer overflow error exists in the function '_pdo_pgsql_error'. (Bug #64949) - A heap corruption error exists in numerous functions in the file 'ext/xml/xml.c'. (CVE-2013-4113 / Bug #65236) Note that this plugin does not attempt to exploit these vulnerabilities, but instead relies only on PHP's self-reported version number.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 67259
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67259
    title PHP 5.3.x < 5.3.27 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_APACHE2-MOD_PHP53-130717.NASL
    description The following security issues have been fixed : - (bnc#828020):. (CVE-2013-4635) - Integer overflow in SdnToJewish() - (bnc#829207):. (CVE-2013-4113) - heap corruption due to badly formed xml
    last seen 2018-09-02
    modified 2017-07-20
    plugin id 69295
    published 2013-08-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69295
    title SuSE 11.2 / 11.3 Security Update : PHP5 (SAT Patch Numbers 8087 / 8088)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_APACHE2-MOD_PHP5-130718.NASL
    description The following security issues have been fixed : - (bnc#828020):. (CVE-2013-4635) - Integer overflow in SdnToJewish() - (bnc#807707):. (CVE-2013-1635 / CVE-2013-1643) - reading system files via untrusted SOAP input - soap.wsdl_cache_dir function did not honour PHP open_basedir - (bnc#829207):. (CVE-2013-4113) - heap corruption due to badly formed xml
    last seen 2019-02-21
    modified 2017-07-20
    plugin id 69294
    published 2013-08-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69294
    title SuSE 11.2 Security Update : PHP5 (SAT Patch Number 8086)
  • NASL family Junos Local Security Checks
    NASL id JUNIPER_JSA10804.NASL
    description According to its self-reported version number and configuration, the remote Juniper Junos device is affected by multiple vulnerabilities in the included PHP version : - An unspecified flaw exists in the SQLite extension that allows an unauthenticated, remote attacker to bypass the 'open_basedir' constraint. (CVE-2012-3365) - A heap-based buffer overflow condition exists in file ext/xml/xml.c due to not properly considering parsing depth. An unauthenticated, remote attacker can exploit this issue, via a specially crafted XML document that is processed by the xml_parse_into_struct() function, to cause a denial of service condition or the execution of arbitrary code. (CVE-2013-4113) - A memory corruption issue exists in the PHP OpenSSL extension in the openssl_x509_parse() function due to improper sanitization of user-supplied input when parsing 'notBefore' and 'notAfter' timestamps in X.509 certificates. An unauthenticated, remote attacker can exploit this issue, via a specially crafted certificate, to cause a denial of service condition or the execution of arbitrary code. (CVE-2013-6420) - A double-free error exists in the zend_ts_hash_graceful_destroy() function within file Zend/zend_ts_hash.c that allows an unauthenticated, remote attacker to cause a denial of service condition. (CVE-2014-9425)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 102079
    published 2017-07-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102079
    title Juniper Junos PHP multiple vulnerabilities (JSA10804)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2013-1063.NASL
    description Description of changes: [4.3.9-3.37.0.1] - rebuild with higher version [4.3.9-3.36.0.1] - add security fix for CVE-2013-4113 (orabz: #15820)
    last seen 2019-01-03
    modified 2019-01-02
    plugin id 69009
    published 2013-07-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69009
    title Oracle Linux 4 : php (ELSA-2013-1063)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2013-195.NASL
    description A vulnerability has been discovered and corrected in php : - Fixed PHP bug #65236 (heap corruption in xml parser) (CVE-2013-4113). The updated packages have been upgraded to the 5.3.27 version which is not vulnerable to this issue. The php-timezonedb package has been updated to the 2013.4 version. Additionally, some packages which requires so has been rebuilt for php-5.3.27.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 68862
    published 2013-07-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68862
    title Mandriva Linux Security Advisory : php (MDVSA-2013:195)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_31B145F2D9D349A9802311CF742205DC.NASL
    description The PHP development team reports : ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct function.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 68917
    published 2013-07-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68917
    title FreeBSD : PHP5 -- Heap corruption in XML parser (31b145f2-d9d3-49a9-8023-11cf742205dc)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS11_PHP_20140401.NASL
    description The remote Solaris system is missing necessary patches to address security updates : - Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID. (CVE-2011-4718) - Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an 'overflow.' (CVE-2012-2688) - The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors. (CVE-2012-3365) - ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP WSDL files in an arbitrary directory. (CVE-2013-1635) - The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the soap_xmlParseFile and soap_xmlParseMemory functions. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-1824. (CVE-2013-1643) - Heap-based buffer overflow in the php_quot_print_encode function in ext/ standard/quot_print.c in PHP before 5.3.26 and 5.4.x before 5.4.16 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted argument to the quoted_printable_encode function. (CVE-2013-2110) - ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct function. (CVE-2013-4113) - The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. (CVE-2013-4248) - Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service (application hang) via a large argument to the jdtojewish function. (CVE-2013-4635) - The mget function in libmagic/softmagic.c in the Fileinfo component in PHP 5.4.x before 5.4.16 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via an MP3 file that triggers incorrect MIME type detection during access to an finfo object. (CVE-2013-4636)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 80736
    published 2015-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80736
    title Oracle Solaris Third-Party Patch Update : php (cve_2013_4113_buffer_errors)
  • NASL family CGI abuses
    NASL id PHP_5_4_18.NASL
    description According to its banner, the version of PHP 5.4.x installed on the remote host is a version prior to 5.4.18. It is, therefore, potentially affected by the following vulnerabilities : - A heap corruption error exists in numerous functions in the file 'ext/xml/xml.c'. (CVE-2013-4113 / Bug #65236) - An error exists related to certificate validation, the 'subjectAltName' field and certificates containing NULL bytes. This error can allow spoofing attacks. (CVE-2013-4248) Note that this plugin does not attempt to exploit these vulnerabilities, but instead relies only on PHP's self-reported version number.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 69401
    published 2013-08-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69401
    title PHP 5.4.x < 5.4.18 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_APACHE2-MOD_PHP5-8647.NASL
    description The following security issues have been fixed : - (bnc#828020): o Integer overflow in SdnToJewish(). (CVE-2013-4635) - (bnc#807707): o reading system files via untrusted SOAP input o soap.wsdl_cache_dir function did not honour PHP open_basedir. (CVE-2013-1635 / CVE-2013-1643) - (bnc#829207): o heap corruption due to badly formed xml. (CVE-2013-4113)
    last seen 2019-02-21
    modified 2017-07-20
    plugin id 69172
    published 2013-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69172
    title SuSE 10 Security Update : PHP5 (ZYPP Patch Number 8647)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_APACHE2-MOD_PHP53-130718.NASL
    description The following security issues have been fixed : - (bnc#828020):. (CVE-2013-4635) - Integer overflow in SdnToJewish() - (bnc#829207):. (CVE-2013-4113) - heap corruption due to badly formed xml
    last seen 2018-09-01
    modified 2017-07-20
    plugin id 69296
    published 2013-08-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69296
    title SuSE 11.2 / 11.3 Security Update : PHP5 (SAT Patch Numbers 8087 / 8088)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2013-1050.NASL
    description From Red Hat Security Advisory 2013:1050 : Updated php53 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running the PHP interpreter. (CVE-2013-4113) All php53 users should upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68864
    published 2013-07-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68864
    title Oracle Linux 5 : php53 (ELSA-2013-1050)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-1050.NASL
    description Updated php53 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running the PHP interpreter. (CVE-2013-4113) All php53 users should upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 68866
    published 2013-07-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68866
    title RHEL 5 : php53 (RHSA-2013:1050)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL15169.NASL
    description ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct function.
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 83477
    published 2015-05-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=83477
    title F5 Networks BIG-IP : PHP vulnerability (SOL15169)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2723.NASL
    description It was discovered that PHP could perform an invalid free request when processing crafted XML documents, corrupting the heap and potentially leading to arbitrary code execution. Depending on the PHP application, this vulnerability could be exploited remotely.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 68942
    published 2013-07-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68942
    title Debian DSA-2723-1 : php5 - heap corruption
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2013-211.NASL
    description A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running the PHP interpreter. (CVE-2013-4113)
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 69769
    published 2013-09-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69769
    title Amazon Linux AMI : php (ALAS-2013-211)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2013-212.NASL
    description A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running the PHP interpreter. (CVE-2013-4113)
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 69770
    published 2013-09-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69770
    title Amazon Linux AMI : php54 (ALAS-2013-212)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2013-1049.NASL
    description Updated php packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running the PHP interpreter. (CVE-2013-4113) All php users should upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 68858
    published 2013-07-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68858
    title CentOS 5 / 6 : php (CESA-2013:1049)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-1049.NASL
    description Updated php packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running the PHP interpreter. (CVE-2013-4113) All php users should upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 68865
    published 2013-07-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68865
    title RHEL 5 / 6 : php (RHSA-2013:1049)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2013-1050.NASL
    description Updated php53 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running the PHP interpreter. (CVE-2013-4113) All php53 users should upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 68859
    published 2013-07-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68859
    title CentOS 5 : php53 (CESA-2013:1050)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2013-12354.NASL
    description 04 Jul 2013, PHP 5.4.17 Core : - Fixed bug #64988 (Class loading order affects E_STRICT warning). (Laruence) - Fixed bug #64966 (segfault in zend_do_fcall_common_helper_SPEC). (Laruence) - Fixed bug #64960 (Segfault in gc_zval_possible_root). (Laruence) - Fixed bug #64936 (doc comments picked up from previous scanner run). (Stas, Jonathan Oddy) - Fixed bug #64934 (Apache2 TS crash with get_browser()). (Anatol) - Fixed bug #64166 (quoted-printable-encode stream filter incorrectly discarding whitespace). (Michael M Slusarz) DateTime : - Fixed bug #53437 (Crash when using unserialized DatePeriod instance). (Gustavo, Derick, Anatol) FPM : - Fixed Bug #64915 (error_log ignored when daemonize=0). (Remi) - Implemented FR #64764 (add support for FPM init.d script). (Lior Kaplan) PDO : - Fixed bug #63176 (Segmentation fault when instantiate 2 persistent PDO to the same db server). (Laruence) PDO_DBlib : - Fixed bug #63638 (Cannot connect to SQL Server 2008 with PDO dblib). (Stanley Sufficool) - Fixed bug #64338 (pdo_dblib can't connect to Azure SQL). (Stanley Sufficool) - Fixed bug #64808 (FreeTDS PDO getColumnMeta on a prepared but not executed statement crashes). (Stanley Sufficool) PDO_firebird : - Fixed bug #64037 (Firebird return wrong value for numeric field). (Matheus Degiovani, Matteo) - Fixed bug #62024 (Cannot insert second row with null using parametrized query). (patch by james at kenjim.com, Matheus Degiovani, Matteo) PDO_mysql : - Fixed bug #48724 (getColumnMeta() doesn't return native_type for BIT, TINYINT and YEAR). (Antony, Daniel Beardsley) PDO_pgsql : - Fixed Bug #64949 (Buffer overflow in _pdo_pgsql_error). (Remi) pgsql : - Fixed bug #64609 (pg_convert enum type support). (Matteo) Readline : - Implement FR #55694 (Expose additional readline variable to prevent default filename completion). (Hartmel) SPL : - Fixed bug #64997 (Segfault while using RecursiveIteratorIterator on 64-bits systems). (Laruence) Backported from 5.4.18 CGI : - Fixed Bug #65143 (Missing php-cgi man page). (Remi) Phar : - Fixed Bug #65142 (Missing phar man page). (Remi) XML : - Fixed bug #65236 (heap corruption in xml parser). CVE-2013-4113 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 69001
    published 2013-07-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69001
    title Fedora 17 : php-5.4.17-2.fc17 (2013-12354)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2013-12977.NASL
    description XML : - Fixed bug #65236 (heap corruption in xml parser). CVE-2013-4113 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 68973
    published 2013-07-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68973
    title Fedora 19 : php-5.5.0-2.fc19 (2013-12977)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20130712_PHP_ON_SL5_X.NASL
    description A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially- crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running the PHP interpreter. (CVE-2013-4113) After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 68868
    published 2013-07-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68868
    title Scientific Linux Security Update : php on SL5.x, SL6.x i386/x86_64
  • NASL family CGI abuses
    NASL id PHP_5_5_1.NASL
    description According to its banner, the version of PHP 5.5.x installed on the remote host is a version prior to 5.5.1. It is, therefore, potentially affected by a buffer overflow error that exists in the file 'ext/xml/xml.c'. Note that this plugin does not attempt to exploit this vulnerability, but instead relies only on PHP's self-reported version number.
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 69348
    published 2013-08-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69348
    title PHP 5.5.x < 5.5.1 xml.c Buffer Overflow
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2013-12315.NASL
    description 04 Jul 2013, PHP 5.4.17 Core : - Fixed bug #64988 (Class loading order affects E_STRICT warning). (Laruence) - Fixed bug #64966 (segfault in zend_do_fcall_common_helper_SPEC). (Laruence) - Fixed bug #64960 (Segfault in gc_zval_possible_root). (Laruence) - Fixed bug #64936 (doc comments picked up from previous scanner run). (Stas, Jonathan Oddy) - Fixed bug #64934 (Apache2 TS crash with get_browser()). (Anatol) - Fixed bug #64166 (quoted-printable-encode stream filter incorrectly discarding whitespace). (Michael M Slusarz) DateTime : - Fixed bug #53437 (Crash when using unserialized DatePeriod instance). (Gustavo, Derick, Anatol) FPM : - Fixed Bug #64915 (error_log ignored when daemonize=0). (Remi) - Implemented FR #64764 (add support for FPM init.d script). (Lior Kaplan) PDO : - Fixed bug #63176 (Segmentation fault when instantiate 2 persistent PDO to the same db server). (Laruence) PDO_DBlib : - Fixed bug #63638 (Cannot connect to SQL Server 2008 with PDO dblib). (Stanley Sufficool) - Fixed bug #64338 (pdo_dblib can't connect to Azure SQL). (Stanley Sufficool) - Fixed bug #64808 (FreeTDS PDO getColumnMeta on a prepared but not executed statement crashes). (Stanley Sufficool) PDO_firebird : - Fixed bug #64037 (Firebird return wrong value for numeric field). (Matheus Degiovani, Matteo) - Fixed bug #62024 (Cannot insert second row with null using parametrized query). (patch by james at kenjim.com, Matheus Degiovani, Matteo) PDO_mysql : - Fixed bug #48724 (getColumnMeta() doesn't return native_type for BIT, TINYINT and YEAR). (Antony, Daniel Beardsley) PDO_pgsql : - Fixed Bug #64949 (Buffer overflow in _pdo_pgsql_error). (Remi) pgsql : - Fixed bug #64609 (pg_convert enum type support). (Matteo) Readline : - Implement FR #55694 (Expose additional readline variable to prevent default filename completion). (Hartmel) SPL : - Fixed bug #64997 (Segfault while using RecursiveIteratorIterator on 64-bits systems). (Laruence) Backported from 5.4.18 CGI : - Fixed Bug #65143 (Missing php-cgi man page). (Remi) Phar : - Fixed Bug #65142 (Missing phar man page). (Remi) XML : - Fixed bug #65236 (heap corruption in xml parser). CVE-2013-4113 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 69000
    published 2013-07-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69000
    title Fedora 18 : php-5.4.17-2.fc18 (2013-12315)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-1062.NASL
    description Updated php53 packages that fix one security issue are now available for Red Hat Enterprise Linux 5.6 Extended Update Support. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running the PHP interpreter. (CVE-2013-4113) All php53 users should upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 79288
    published 2014-11-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79288
    title RHEL 5 : php53 (RHSA-2013:1062)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20130712_PHP53_ON_SL5_X.NASL
    description A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially- crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running the PHP interpreter. (CVE-2013-4113) After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 68867
    published 2013-07-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68867
    title Scientific Linux Security Update : php53 on SL5.x i386/x86_64
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2013-1049.NASL
    description From Red Hat Security Advisory 2013:1049 : Updated php packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running the PHP interpreter. (CVE-2013-4113) All php users should upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68863
    published 2013-07-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68863
    title Oracle Linux 5 / 6 : php (ELSA-2013-1049)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2013-197-01.NASL
    description New php packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 68916
    published 2013-07-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68916
    title Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : php (SSA:2013-197-01)
redhat via4
advisories
  • bugzilla
    id 983689
    title CVE-2013-4113 php: xml_parse_into_struct buffer overflow when parsing deeply nested XML
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhsa:tst:20070055001
      • OR
        • AND
          • comment php is earlier than 0:5.1.6-40.el5_9
            oval oval:com.redhat.rhsa:tst:20131049002
          • comment php is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070082003
        • AND
          • comment php-bcmath is earlier than 0:5.1.6-40.el5_9
            oval oval:com.redhat.rhsa:tst:20131049028
          • comment php-bcmath is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070082011
        • AND
          • comment php-cli is earlier than 0:5.1.6-40.el5_9
            oval oval:com.redhat.rhsa:tst:20131049008
          • comment php-cli is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070082019
        • AND
          • comment php-common is earlier than 0:5.1.6-40.el5_9
            oval oval:com.redhat.rhsa:tst:20131049024
          • comment php-common is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070082009
        • AND
          • comment php-dba is earlier than 0:5.1.6-40.el5_9
            oval oval:com.redhat.rhsa:tst:20131049014
          • comment php-dba is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070082007
        • AND
          • comment php-devel is earlier than 0:5.1.6-40.el5_9
            oval oval:com.redhat.rhsa:tst:20131049010
          • comment php-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070082021
        • AND
          • comment php-gd is earlier than 0:5.1.6-40.el5_9
            oval oval:com.redhat.rhsa:tst:20131049022
          • comment php-gd is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070082035
        • AND
          • comment php-imap is earlier than 0:5.1.6-40.el5_9
            oval oval:com.redhat.rhsa:tst:20131049034
          • comment php-imap is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070082031
        • AND
          • comment php-ldap is earlier than 0:5.1.6-40.el5_9
            oval oval:com.redhat.rhsa:tst:20131049016
          • comment php-ldap is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070082029
        • AND
          • comment php-mbstring is earlier than 0:5.1.6-40.el5_9
            oval oval:com.redhat.rhsa:tst:20131049026
          • comment php-mbstring is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070082033
        • AND
          • comment php-mysql is earlier than 0:5.1.6-40.el5_9
            oval oval:com.redhat.rhsa:tst:20131049018
          • comment php-mysql is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070082025
        • AND
          • comment php-ncurses is earlier than 0:5.1.6-40.el5_9
            oval oval:com.redhat.rhsa:tst:20131049030
          • comment php-ncurses is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070082013
        • AND
          • comment php-odbc is earlier than 0:5.1.6-40.el5_9
            oval oval:com.redhat.rhsa:tst:20131049036
          • comment php-odbc is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070082037
        • AND
          • comment php-pdo is earlier than 0:5.1.6-40.el5_9
            oval oval:com.redhat.rhsa:tst:20131049004
          • comment php-pdo is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070082027
        • AND
          • comment php-pgsql is earlier than 0:5.1.6-40.el5_9
            oval oval:com.redhat.rhsa:tst:20131049038
          • comment php-pgsql is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070082023
        • AND
          • comment php-snmp is earlier than 0:5.1.6-40.el5_9
            oval oval:com.redhat.rhsa:tst:20131049006
          • comment php-snmp is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070082017
        • AND
          • comment php-soap is earlier than 0:5.1.6-40.el5_9
            oval oval:com.redhat.rhsa:tst:20131049012
          • comment php-soap is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070082015
        • AND
          • comment php-xml is earlier than 0:5.1.6-40.el5_9
            oval oval:com.redhat.rhsa:tst:20131049020
          • comment php-xml is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070082039
        • AND
          • comment php-xmlrpc is earlier than 0:5.1.6-40.el5_9
            oval oval:com.redhat.rhsa:tst:20131049032
          • comment php-xmlrpc is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070082005
    • AND
      • OR
        • comment Red Hat Enterprise Linux 6 Client is installed
          oval oval:com.redhat.rhsa:tst:20100842001
        • comment Red Hat Enterprise Linux 6 Server is installed
          oval oval:com.redhat.rhsa:tst:20100842002
        • comment Red Hat Enterprise Linux 6 Workstation is installed
          oval oval:com.redhat.rhsa:tst:20100842003
        • comment Red Hat Enterprise Linux 6 ComputeNode is installed
          oval oval:com.redhat.rhsa:tst:20100842004
      • OR
        • AND
          • comment php is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049044
          • comment php is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195006
        • AND
          • comment php-bcmath is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049054
          • comment php-bcmath is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195048
        • AND
          • comment php-cli is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049088
          • comment php-cli is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195044
        • AND
          • comment php-common is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049062
          • comment php-common is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195010
        • AND
          • comment php-dba is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049074
          • comment php-dba is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195054
        • AND
          • comment php-devel is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049078
          • comment php-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195032
        • AND
          • comment php-embedded is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049076
          • comment php-embedded is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195038
        • AND
          • comment php-enchant is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049056
          • comment php-enchant is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195026
        • AND
          • comment php-fpm is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049080
          • comment php-fpm is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20130514036
        • AND
          • comment php-gd is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049070
          • comment php-gd is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195056
        • AND
          • comment php-imap is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049082
          • comment php-imap is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195040
        • AND
          • comment php-intl is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049096
          • comment php-intl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195030
        • AND
          • comment php-ldap is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049048
          • comment php-ldap is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195046
        • AND
          • comment php-mbstring is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049090
          • comment php-mbstring is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195042
        • AND
          • comment php-mysql is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049066
          • comment php-mysql is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195008
        • AND
          • comment php-odbc is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049086
          • comment php-odbc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195020
        • AND
          • comment php-pdo is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049092
          • comment php-pdo is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195018
        • AND
          • comment php-pgsql is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049052
          • comment php-pgsql is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195014
        • AND
          • comment php-process is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049068
          • comment php-process is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195016
        • AND
          • comment php-pspell is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049094
          • comment php-pspell is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195028
        • AND
          • comment php-recode is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049060
          • comment php-recode is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195050
        • AND
          • comment php-snmp is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049072
          • comment php-snmp is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195036
        • AND
          • comment php-soap is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049064
          • comment php-soap is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195024
        • AND
          • comment php-tidy is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049084
          • comment php-tidy is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195012
        • AND
          • comment php-xml is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049058
          • comment php-xml is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195022
        • AND
          • comment php-xmlrpc is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049046
          • comment php-xmlrpc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195052
        • AND
          • comment php-zts is earlier than 0:5.3.3-23.el6_4
            oval oval:com.redhat.rhsa:tst:20131049050
          • comment php-zts is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110195034
    rhsa
    id RHSA-2013:1049
    released 2013-07-12
    severity Critical
    title RHSA-2013:1049: php security update (Critical)
  • bugzilla
    id 983689
    title CVE-2013-4113 php: xml_parse_into_struct buffer overflow when parsing deeply nested XML
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • OR
      • AND
        • comment php53 is earlier than 0:5.3.3-13.el5_9.1
          oval oval:com.redhat.rhsa:tst:20131050002
        • comment php53 is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196003
      • AND
        • comment php53-bcmath is earlier than 0:5.3.3-13.el5_9.1
          oval oval:com.redhat.rhsa:tst:20131050028
        • comment php53-bcmath is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196015
      • AND
        • comment php53-cli is earlier than 0:5.3.3-13.el5_9.1
          oval oval:com.redhat.rhsa:tst:20131050016
        • comment php53-cli is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196025
      • AND
        • comment php53-common is earlier than 0:5.3.3-13.el5_9.1
          oval oval:com.redhat.rhsa:tst:20131050020
        • comment php53-common is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196023
      • AND
        • comment php53-dba is earlier than 0:5.3.3-13.el5_9.1
          oval oval:com.redhat.rhsa:tst:20131050022
        • comment php53-dba is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196019
      • AND
        • comment php53-devel is earlier than 0:5.3.3-13.el5_9.1
          oval oval:com.redhat.rhsa:tst:20131050004
        • comment php53-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196033
      • AND
        • comment php53-gd is earlier than 0:5.3.3-13.el5_9.1
          oval oval:com.redhat.rhsa:tst:20131050026
        • comment php53-gd is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196021
      • AND
        • comment php53-imap is earlier than 0:5.3.3-13.el5_9.1
          oval oval:com.redhat.rhsa:tst:20131050010
        • comment php53-imap is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196005
      • AND
        • comment php53-intl is earlier than 0:5.3.3-13.el5_9.1
          oval oval:com.redhat.rhsa:tst:20131050042
        • comment php53-intl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196043
      • AND
        • comment php53-ldap is earlier than 0:5.3.3-13.el5_9.1
          oval oval:com.redhat.rhsa:tst:20131050040
        • comment php53-ldap is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196031
      • AND
        • comment php53-mbstring is earlier than 0:5.3.3-13.el5_9.1
          oval oval:com.redhat.rhsa:tst:20131050008
        • comment php53-mbstring is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196029
      • AND
        • comment php53-mysql is earlier than 0:5.3.3-13.el5_9.1
          oval oval:com.redhat.rhsa:tst:20131050024
        • comment php53-mysql is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196013
      • AND
        • comment php53-odbc is earlier than 0:5.3.3-13.el5_9.1
          oval oval:com.redhat.rhsa:tst:20131050006
        • comment php53-odbc is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196037
      • AND
        • comment php53-pdo is earlier than 0:5.3.3-13.el5_9.1
          oval oval:com.redhat.rhsa:tst:20131050018
        • comment php53-pdo is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196011
      • AND
        • comment php53-pgsql is earlier than 0:5.3.3-13.el5_9.1
          oval oval:com.redhat.rhsa:tst:20131050012
        • comment php53-pgsql is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196007
      • AND
        • comment php53-process is earlier than 0:5.3.3-13.el5_9.1
          oval oval:com.redhat.rhsa:tst:20131050032
        • comment php53-process is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196027
      • AND
        • comment php53-pspell is earlier than 0:5.3.3-13.el5_9.1
          oval oval:com.redhat.rhsa:tst:20131050030
        • comment php53-pspell is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196039
      • AND
        • comment php53-snmp is earlier than 0:5.3.3-13.el5_9.1
          oval oval:com.redhat.rhsa:tst:20131050038
        • comment php53-snmp is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196009
      • AND
        • comment php53-soap is earlier than 0:5.3.3-13.el5_9.1
          oval oval:com.redhat.rhsa:tst:20131050014
        • comment php53-soap is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196041
      • AND
        • comment php53-xml is earlier than 0:5.3.3-13.el5_9.1
          oval oval:com.redhat.rhsa:tst:20131050034
        • comment php53-xml is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196035
      • AND
        • comment php53-xmlrpc is earlier than 0:5.3.3-13.el5_9.1
          oval oval:com.redhat.rhsa:tst:20131050036
        • comment php53-xmlrpc is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110196017
    rhsa
    id RHSA-2013:1050
    released 2013-07-12
    severity Critical
    title RHSA-2013:1050: php53 security update (Critical)
  • rhsa
    id RHSA-2013:1061
  • rhsa
    id RHSA-2013:1062
  • rhsa
    id RHSA-2013:1063
rpms
  • php-0:5.1.6-40.el5_9
  • php-bcmath-0:5.1.6-40.el5_9
  • php-cli-0:5.1.6-40.el5_9
  • php-common-0:5.1.6-40.el5_9
  • php-dba-0:5.1.6-40.el5_9
  • php-devel-0:5.1.6-40.el5_9
  • php-gd-0:5.1.6-40.el5_9
  • php-imap-0:5.1.6-40.el5_9
  • php-ldap-0:5.1.6-40.el5_9
  • php-mbstring-0:5.1.6-40.el5_9
  • php-mysql-0:5.1.6-40.el5_9
  • php-ncurses-0:5.1.6-40.el5_9
  • php-odbc-0:5.1.6-40.el5_9
  • php-pdo-0:5.1.6-40.el5_9
  • php-pgsql-0:5.1.6-40.el5_9
  • php-snmp-0:5.1.6-40.el5_9
  • php-soap-0:5.1.6-40.el5_9
  • php-xml-0:5.1.6-40.el5_9
  • php-xmlrpc-0:5.1.6-40.el5_9
  • php-0:5.3.3-23.el6_4
  • php-bcmath-0:5.3.3-23.el6_4
  • php-cli-0:5.3.3-23.el6_4
  • php-common-0:5.3.3-23.el6_4
  • php-dba-0:5.3.3-23.el6_4
  • php-devel-0:5.3.3-23.el6_4
  • php-embedded-0:5.3.3-23.el6_4
  • php-enchant-0:5.3.3-23.el6_4
  • php-fpm-0:5.3.3-23.el6_4
  • php-gd-0:5.3.3-23.el6_4
  • php-imap-0:5.3.3-23.el6_4
  • php-intl-0:5.3.3-23.el6_4
  • php-ldap-0:5.3.3-23.el6_4
  • php-mbstring-0:5.3.3-23.el6_4
  • php-mysql-0:5.3.3-23.el6_4
  • php-odbc-0:5.3.3-23.el6_4
  • php-pdo-0:5.3.3-23.el6_4
  • php-pgsql-0:5.3.3-23.el6_4
  • php-process-0:5.3.3-23.el6_4
  • php-pspell-0:5.3.3-23.el6_4
  • php-recode-0:5.3.3-23.el6_4
  • php-snmp-0:5.3.3-23.el6_4
  • php-soap-0:5.3.3-23.el6_4
  • php-tidy-0:5.3.3-23.el6_4
  • php-xml-0:5.3.3-23.el6_4
  • php-xmlrpc-0:5.3.3-23.el6_4
  • php-zts-0:5.3.3-23.el6_4
  • php53-0:5.3.3-13.el5_9.1
  • php53-bcmath-0:5.3.3-13.el5_9.1
  • php53-cli-0:5.3.3-13.el5_9.1
  • php53-common-0:5.3.3-13.el5_9.1
  • php53-dba-0:5.3.3-13.el5_9.1
  • php53-devel-0:5.3.3-13.el5_9.1
  • php53-gd-0:5.3.3-13.el5_9.1
  • php53-imap-0:5.3.3-13.el5_9.1
  • php53-intl-0:5.3.3-13.el5_9.1
  • php53-ldap-0:5.3.3-13.el5_9.1
  • php53-mbstring-0:5.3.3-13.el5_9.1
  • php53-mysql-0:5.3.3-13.el5_9.1
  • php53-odbc-0:5.3.3-13.el5_9.1
  • php53-pdo-0:5.3.3-13.el5_9.1
  • php53-pgsql-0:5.3.3-13.el5_9.1
  • php53-process-0:5.3.3-13.el5_9.1
  • php53-pspell-0:5.3.3-13.el5_9.1
  • php53-snmp-0:5.3.3-13.el5_9.1
  • php53-soap-0:5.3.3-13.el5_9.1
  • php53-xml-0:5.3.3-13.el5_9.1
  • php53-xmlrpc-0:5.3.3-13.el5_9.1
refmap via4
confirm
debian DSA-2723
secunia
  • 54071
  • 54104
  • 54163
  • 54165
suse
  • SUSE-SU-2013:1285
  • SUSE-SU-2013:1315
  • SUSE-SU-2013:1316
ubuntu USN-1905-1
Last major update 05-03-2014 - 23:47
Published 13-07-2013 - 09:10
Back to Top