ID CVE-2013-4635
Summary Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service (application hang) via a large argument to the jdtojewish function.
References
Vulnerable Configurations
  • PHP 5.3.20
    cpe:2.3:a:php:php:5.3.20
  • PHP 5.3.19
    cpe:2.3:a:php:php:5.3.19
  • PHP 5.3.18
    cpe:2.3:a:php:php:5.3.18
  • PHP 5.3.17
    cpe:2.3:a:php:php:5.3.17
  • PHP 5.3.16
    cpe:2.3:a:php:php:5.3.16
  • PHP 5.3.15
    cpe:2.3:a:php:php:5.3.15
  • PHP 5.3.14
    cpe:2.3:a:php:php:5.3.14
  • PHP 5.3.12
    cpe:2.3:a:php:php:5.3.12
  • PHP 5.3.8
    cpe:2.3:a:php:php:5.3.8
  • PHP 5.3.11
    cpe:2.3:a:php:php:5.3.11
  • PHP 5.3.4
    cpe:2.3:a:php:php:5.3.4
  • PHP 5.3.3
    cpe:2.3:a:php:php:5.3.3
  • PHP 5.3.0
    cpe:2.3:a:php:php:5.3.0
  • PHP 5.3.1
    cpe:2.3:a:php:php:5.3.1
  • PHP 5.3.7
    cpe:2.3:a:php:php:5.3.7
  • PHP 5.3.6
    cpe:2.3:a:php:php:5.3.6
  • PHP 5.3.5
    cpe:2.3:a:php:php:5.3.5
  • PHP 5.3.9
    cpe:2.3:a:php:php:5.3.9
  • PHP 5.3.13
    cpe:2.3:a:php:php:5.3.13
  • PHP 5.3.2
    cpe:2.3:a:php:php:5.3.2
  • PHP 5.3.10
    cpe:2.3:a:php:php:5.3.10
  • PHP 5.2.15
    cpe:2.3:a:php:php:5.2.15
  • PHP 5.2.9
    cpe:2.3:a:php:php:5.2.9
  • PHP 5.2.16
    cpe:2.3:a:php:php:5.2.16
  • PHP 5.2.12
    cpe:2.3:a:php:php:5.2.12
  • PHP 5.2.10
    cpe:2.3:a:php:php:5.2.10
  • PHP 5.2.13
    cpe:2.3:a:php:php:5.2.13
  • PHP 5.2.5
    cpe:2.3:a:php:php:5.2.5
  • PHP 5.2.11
    cpe:2.3:a:php:php:5.2.11
  • PHP 5.2.7
    cpe:2.3:a:php:php:5.2.7
  • PHP 5.2.0
    cpe:2.3:a:php:php:5.2.0
  • PHP 5.2.8
    cpe:2.3:a:php:php:5.2.8
  • PHP 5.2.6
    cpe:2.3:a:php:php:5.2.6
  • PHP 5.2.4
    cpe:2.3:a:php:php:5.2.4
  • PHP 5.2.3
    cpe:2.3:a:php:php:5.2.3
  • PHP 5.2.14
    cpe:2.3:a:php:php:5.2.14
  • PHP 5.2.1
    cpe:2.3:a:php:php:5.2.1
  • PHP 5.2.2
    cpe:2.3:a:php:php:5.2.2
  • PHP 5.2.17
    cpe:2.3:a:php:php:5.2.17
  • PHP PHP 5.1.3
    cpe:2.3:a:php:php:5.1.3
  • PHP PHP 5.1.2
    cpe:2.3:a:php:php:5.1.2
  • PHP PHP 5.1.1
    cpe:2.3:a:php:php:5.1.1
  • PHP PHP 5.1.0
    cpe:2.3:a:php:php:5.1.0
  • PHP PHP 5.1.6
    cpe:2.3:a:php:php:5.1.6
  • PHP 5.1.4
    cpe:2.3:a:php:php:5.1.4
  • PHP PHP 5.1.5
    cpe:2.3:a:php:php:5.1.5
  • PHP PHP 5.0.5
    cpe:2.3:a:php:php:5.0.5
  • PHP PHP 5.0.4
    cpe:2.3:a:php:php:5.0.4
  • PHP PHP 5.0.3
    cpe:2.3:a:php:php:5.0.3
  • PHP PHP 5.0.0 RC1
    cpe:2.3:a:php:php:5.0.0:rc1
  • PHP PHP 5.0.0 Beta4
    cpe:2.3:a:php:php:5.0.0:beta4
  • PHP PHP 5.0.0 Beta3
    cpe:2.3:a:php:php:5.0.0:beta3
  • PHP PHP 5.0.0 Beta2
    cpe:2.3:a:php:php:5.0.0:beta2
  • PHP PHP 5.0.2
    cpe:2.3:a:php:php:5.0.2
  • PHP PHP 5.0.1
    cpe:2.3:a:php:php:5.0.1
  • PHP PHP 5.0.0 RC3
    cpe:2.3:a:php:php:5.0.0:rc3
  • PHP PHP 5.0.0 RC2
    cpe:2.3:a:php:php:5.0.0:rc2
  • PHP PHP 5.0.0
    cpe:2.3:a:php:php:5.0.0
  • PHP PHP 5.0.0 Beta1
    cpe:2.3:a:php:php:5.0.0:beta1
  • PHP PHP 4.3.10
    cpe:2.3:a:php:php:4.3.10
  • PHP PHP 4.3.1
    cpe:2.3:a:php:php:4.3.1
  • PHP PHP 4.3.2
    cpe:2.3:a:php:php:4.3.2
  • PHP PHP 4.3.11
    cpe:2.3:a:php:php:4.3.11
  • PHP PHP 4.3.4
    cpe:2.3:a:php:php:4.3.4
  • PHP PHP 4.3.3
    cpe:2.3:a:php:php:4.3.3
  • PHP PHP 4.3.6
    cpe:2.3:a:php:php:4.3.6
  • PHP PHP 4.3.5
    cpe:2.3:a:php:php:4.3.5
  • PHP PHP 4.2.1
    cpe:2.3:a:php:php:4.2.1
  • PHP 4.4.8
    cpe:2.3:a:php:php:4.4.8
  • PHP PHP 4.2.0
    cpe:2.3:a:php:php:4.2.0
  • PHP 4.4.9
    cpe:2.3:a:php:php:4.4.9
  • PHP PHP 4.2.3
    cpe:2.3:a:php:php:4.2.3
  • PHP PHP 4.2.2
    cpe:2.3:a:php:php:4.2.2
  • PHP PHP 4.4.5
    cpe:2.3:a:php:php:4.4.5
  • PHP PHP 4.4.6
    cpe:2.3:a:php:php:4.4.6
  • PHP PHP 4.4.7
    cpe:2.3:a:php:php:4.4.7
  • PHP PHP 4.3.0
    cpe:2.3:a:php:php:4.3.0
  • PHP PHP 4.3.7
    cpe:2.3:a:php:php:4.3.7
  • PHP PHP 4.3.8
    cpe:2.3:a:php:php:4.3.8
  • PHP PHP 4.3.9
    cpe:2.3:a:php:php:4.3.9
  • PHP PHP 4.4.0
    cpe:2.3:a:php:php:4.4.0
  • PHP PHP 4.4.1
    cpe:2.3:a:php:php:4.4.1
  • PHP PHP 4.4.2
    cpe:2.3:a:php:php:4.4.2
  • PHP PHP 4.4.3
    cpe:2.3:a:php:php:4.4.3
  • PHP PHP 4.4.4
    cpe:2.3:a:php:php:4.4.4
  • PHP PHP 4.0 Beta 1
    cpe:2.3:a:php:php:4.0:beta1
  • PHP PHP 4.0 Beta 2
    cpe:2.3:a:php:php:4.0:beta2
  • PHP PHP 4.0.1
    cpe:2.3:a:php:php:4.0.1
  • PHP PHP 4.0.0
    cpe:2.3:a:php:php:4.0.0
  • PHP PHP 4.0 Beta 4 Patch Level 1
    cpe:2.3:a:php:php:4.0:beta_4_patch1
  • PHP PHP 4.0 Beta 3
    cpe:2.3:a:php:php:4.0:beta3
  • PHP PHP 4.0 Beta 4
    cpe:2.3:a:php:php:4.0:beta4
  • PHP PHP 4.0.6
    cpe:2.3:a:php:php:4.0.6
  • PHP PHP 4.0.5
    cpe:2.3:a:php:php:4.0.5
  • PHP PHP 4.0.4
    cpe:2.3:a:php:php:4.0.4
  • PHP PHP 4.0.3
    cpe:2.3:a:php:php:4.0.3
  • PHP PHP 4.0.2
    cpe:2.3:a:php:php:4.0.2
  • PHP PHP 4.1.2
    cpe:2.3:a:php:php:4.1.2
  • PHP PHP 4.1.1
    cpe:2.3:a:php:php:4.1.1
  • PHP PHP 4.1.0
    cpe:2.3:a:php:php:4.1.0
  • PHP PHP 4.0.7
    cpe:2.3:a:php:php:4.0.7
  • PHP PHP 3.0.11
    cpe:2.3:a:php:php:3.0.11
  • PHP PHP 3.0.10
    cpe:2.3:a:php:php:3.0.10
  • PHP PHP 3.0.13
    cpe:2.3:a:php:php:3.0.13
  • PHP PHP 3.0.12
    cpe:2.3:a:php:php:3.0.12
  • PHP PHP 3.0.1
    cpe:2.3:a:php:php:3.0.1
  • PHP PHP 3.0
    cpe:2.3:a:php:php:3.0
  • PHP PHP 3.0.2
    cpe:2.3:a:php:php:3.0.2
  • PHP PHP 3.0.18
    cpe:2.3:a:php:php:3.0.18
  • PHP PHP 3.0.4
    cpe:2.3:a:php:php:3.0.4
  • PHP PHP 3.0.3
    cpe:2.3:a:php:php:3.0.3
  • PHP PHP 3.0.15
    cpe:2.3:a:php:php:3.0.15
  • PHP PHP 3.0.14
    cpe:2.3:a:php:php:3.0.14
  • PHP PHP 3.0.17
    cpe:2.3:a:php:php:3.0.17
  • PHP PHP 3.0.16
    cpe:2.3:a:php:php:3.0.16
  • PHP PHP 3.0.9
    cpe:2.3:a:php:php:3.0.9
  • PHP PHP 3.0.7
    cpe:2.3:a:php:php:3.0.7
  • PHP PHP 3.0.8
    cpe:2.3:a:php:php:3.0.8
  • PHP PHP 3.0.5
    cpe:2.3:a:php:php:3.0.5
  • PHP PHP 3.0.6
    cpe:2.3:a:php:php:3.0.6
  • PHP PHP_FI 2.0b10
    cpe:2.3:a:php:php:2.0b10
  • PHP PHP_FI 2.0
    cpe:2.3:a:php:php:2.0
  • PHP PHP_FI 1.0
    cpe:2.3:a:php:php:1.0
  • PHP 5.3.21
    cpe:2.3:a:php:php:5.3.21
  • PHP 5.3.22
    cpe:2.3:a:php:php:5.3.22
  • PHP 5.3.23
    cpe:2.3:a:php:php:5.3.23
  • PHP 5.3.24
    cpe:2.3:a:php:php:5.3.24
  • PHP 5.3.25
    cpe:2.3:a:php:php:5.3.25
  • PHP 5.4.4
    cpe:2.3:a:php:php:5.4.4
  • PHP 5.4.3
    cpe:2.3:a:php:php:5.4.3
  • PHP 5.4.0
    cpe:2.3:a:php:php:5.4.0
  • PHP 5.4.1
    cpe:2.3:a:php:php:5.4.1
  • PHP 5.4.2
    cpe:2.3:a:php:php:5.4.2
  • PHP 5.4.11
    cpe:2.3:a:php:php:5.4.11
  • PHP 5.4.10
    cpe:2.3:a:php:php:5.4.10
  • PHP 5.4.9
    cpe:2.3:a:php:php:5.4.9
  • PHP 5.4.8
    cpe:2.3:a:php:php:5.4.8
  • PHP 5.4.7
    cpe:2.3:a:php:php:5.4.7
  • PHP 5.4.6
    cpe:2.3:a:php:php:5.4.6
  • PHP 5.4.5
    cpe:2.3:a:php:php:5.4.5
  • PHP 5.4.12
    cpe:2.3:a:php:php:5.4.12
  • PHP 5.4.13
    cpe:2.3:a:php:php:5.4.13
  • PHP 5.4.14
    cpe:2.3:a:php:php:5.4.14
  • PHP 5.4.15
    cpe:2.3:a:php:php:5.4.15
CVSS
Base: 5.0 (as of 24-06-2013 - 18:33)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201408-11.NASL
    description The remote host is affected by the vulnerability described in GLSA-201408-11 (PHP: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker can cause arbitrary code execution, create a Denial of Service condition, read or write arbitrary files, impersonate other servers, hijack a web session, or have other unspecified impact. Additionally, a local attacker could gain escalated privileges. Workaround : There is no known workaround at this time.
    last seen 2019-01-16
    modified 2018-07-12
    plugin id 77455
    published 2014-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77455
    title GLSA-201408-11 : PHP: Multiple vulnerabilities
  • NASL family CGI abuses
    NASL id PHP_5_4_16.NASL
    description According to its banner, the version of PHP 5.4.x installed on the remote host is prior to 5.4.16. It is, therefore, potentially affected by the following vulnerabilities: - An error exists in the mimetype detection of 'mp3' files that could lead to a denial of service. (Bug #64830) - An error exists in the function 'php_quot_print_encode' in the file 'ext/standard/quot_print.c' that could allow a heap-based buffer overflow when attempting to parse certain strings. (Bug #64879) - An integer overflow error exists related to the value of 'JEWISH_SDN_MAX' in the file 'ext/calendar/jewish.c' that could allow denial of service attacks. (Bug #64895) Note that this plugin does not attempt to exploit these vulnerabilities, but instead relies only on PHP's self-reported version number.
    last seen 2019-01-16
    modified 2018-07-24
    plugin id 66843
    published 2013-06-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66843
    title PHP 5.4.x < 5.4.16 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2013-1316-1.NASL
    description The following security issues have been fixed : - CVE-2013-4635 (bnc#828020): - Integer overflow in SdnToJewish() - CVE-2013-4113 (bnc#829207): - heap corruption due to badly formed xml Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-07-31
    plugin id 83598
    published 2015-05-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=83598
    title SUSE SLES11 Security Update : PHP5 (SUSE-SU-2013:1316-1)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2013-604.NASL
    description - fixing the following security issues : - CVE-2013-4635.patch (bnc#828020) : - Integer overflow in the SdnToJewish - CVE-2013-1635.patch and CVE-2013-1643.patch (bnc#807707) : - reading system files via untrusted SOAP input - soap.wsdl_cache_dir function did not honour PHP open_basedir - CVE-2013-4113.patch (bnc#829207) : - heap corruption due to badly formed xml
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 75096
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75096
    title openSUSE Security Update : php5 (openSUSE-SU-2013:1244-1)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_5DEF3175F3F94476BA40B46627CC638C.NASL
    description The PHP development team reports : Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service (application hang) via a large argument to the jdtojewish function.
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 68918
    published 2013-07-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68918
    title FreeBSD : PHP5 -- Integer overflow in Calendar module (5def3175-f3f9-4476-ba40-b46627cc638c)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1905-1.NASL
    description It was discovered that PHP incorrectly handled the xml_parse_into_struct function. If a PHP application parsed untrusted XML, an attacker could use this flaw with a specially crafted XML document to cause PHP to crash, resulting in a denial of service, or to possibly execute arbitrary code. (CVE-2013-4113) It was discovered that PHP incorrectly handled the jdtojewish function. An attacker could use this flaw to cause PHP to crash, resulting in a denial of service. (CVE-2013-4635). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-12-01
    plugin id 68923
    published 2013-07-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68923
    title Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 : php5 vulnerabilities (USN-1905-1)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS11_PHP_20140401.NASL
    description The remote Solaris system is missing necessary patches to address security updates : - Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID. (CVE-2011-4718) - Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an 'overflow.' (CVE-2012-2688) - The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors. (CVE-2012-3365) - ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP WSDL files in an arbitrary directory. (CVE-2013-1635) - The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the soap_xmlParseFile and soap_xmlParseMemory functions. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-1824. (CVE-2013-1643) - Heap-based buffer overflow in the php_quot_print_encode function in ext/ standard/quot_print.c in PHP before 5.3.26 and 5.4.x before 5.4.16 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted argument to the quoted_printable_encode function. (CVE-2013-2110) - ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct function. (CVE-2013-4113) - The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. (CVE-2013-4248) - Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service (application hang) via a large argument to the jdtojewish function. (CVE-2013-4635) - The mget function in libmagic/softmagic.c in the Fileinfo component in PHP 5.4.x before 5.4.16 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via an MP3 file that triggers incorrect MIME type detection during access to an finfo object. (CVE-2013-4636)
    last seen 2019-01-16
    modified 2018-11-15
    plugin id 80736
    published 2015-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80736
    title Oracle Solaris Third-Party Patch Update : php (cve_2013_4113_buffer_errors)
  • NASL family CGI abuses
    NASL id PHP_5_3_26.NASL
    description According to its banner, the version of PHP 5.3.x installed on the remote host is prior to 5.3.26. It is, therefore, potentially affected by the following vulnerabilities: - An error exists in the function 'php_quot_print_encode' in the file 'ext/standard/quot_print.c' that could allow a heap-based buffer overflow when attempting to parse certain strings (Bug #64879) - An integer overflow error exists related to the value of 'JEWISH_SDN_MAX' in the file 'ext/calendar/jewish.c' that could allow denial of service attacks. (Bug #64895) Note that this plugin does not attempt to exploit these vulnerabilities, but instead relies only on PHP's self-reported version number.
    last seen 2019-01-16
    modified 2018-09-17
    plugin id 66842
    published 2013-06-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66842
    title PHP 5.3.x < 5.3.26 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_APACHE2-MOD_PHP53-130718.NASL
    description The following security issues have been fixed : - (bnc#828020):. (CVE-2013-4635) - Integer overflow in SdnToJewish() - (bnc#829207):. (CVE-2013-4113) - heap corruption due to badly formed xml
    last seen 2018-09-01
    modified 2017-07-20
    plugin id 69296
    published 2013-08-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69296
    title SuSE 11.2 / 11.3 Security Update : PHP5 (SAT Patch Numbers 8087 / 8088)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_APACHE2-MOD_PHP53-130717.NASL
    description The following security issues have been fixed : - (bnc#828020):. (CVE-2013-4635) - Integer overflow in SdnToJewish() - (bnc#829207):. (CVE-2013-4113) - heap corruption due to badly formed xml
    last seen 2018-09-02
    modified 2017-07-20
    plugin id 69295
    published 2013-08-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69295
    title SuSE 11.2 / 11.3 Security Update : PHP5 (SAT Patch Numbers 8087 / 8088)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_APACHE2-MOD_PHP5-130718.NASL
    description The following security issues have been fixed : - (bnc#828020):. (CVE-2013-4635) - Integer overflow in SdnToJewish() - (bnc#807707):. (CVE-2013-1635 / CVE-2013-1643) - reading system files via untrusted SOAP input - soap.wsdl_cache_dir function did not honour PHP open_basedir - (bnc#829207):. (CVE-2013-4113) - heap corruption due to badly formed xml
    last seen 2019-01-16
    modified 2017-07-20
    plugin id 69294
    published 2013-08-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69294
    title SuSE 11.2 Security Update : PHP5 (SAT Patch Number 8086)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_APACHE2-MOD_PHP5-8647.NASL
    description The following security issues have been fixed : - (bnc#828020): o Integer overflow in SdnToJewish(). (CVE-2013-4635) - (bnc#807707): o reading system files via untrusted SOAP input o soap.wsdl_cache_dir function did not honour PHP open_basedir. (CVE-2013-1635 / CVE-2013-1643) - (bnc#829207): o heap corruption due to badly formed xml. (CVE-2013-4113)
    last seen 2019-01-16
    modified 2017-07-20
    plugin id 69172
    published 2013-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69172
    title SuSE 10 Security Update : PHP5 (ZYPP Patch Number 8647)
refmap via4
confirm
sectrack 1028699
secunia 54104
suse
  • SUSE-SU-2013:1285
  • SUSE-SU-2013:1315
  • SUSE-SU-2013:1316
ubuntu USN-1905-1
vim 20130624 CVE-2013-4635 SndToJewish / SdnToJewish function name
Last major update 11-09-2013 - 23:36
Published 21-06-2013 - 17:55
Back to Top