6.8
CVSSv2

CVE-2013-4113

Published: 13/07/2013 Updated: 06/03/2014
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 606
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

ext/xml/xml.c in PHP prior to 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct function.

Affected Products

Vendor Product Versions
PhpPhp5.3.0, 5.3.1, 5.3.2, 5.3.3, 5.3.4, 5.3.5, 5.3.6, 5.3.7, 5.3.8, 5.3.9, 5.3.10, 5.3.11, 5.3.12, 5.3.13, 5.3.14, 5.3.15, 5.3.16, 5.3.17, 5.3.18, 5.3.19, 5.3.20, 5.3.21, 5.3.22, 5.3.23, 5.3.24, 5.3.25, 5.3.26

Vendor Advisories

Debian Bug report logs - #717139 php5: CVE-2013-4113: heap corruption in xml parser Package: php5; Maintainer for php5 is Debian PHP Maintainers <pkg-php-maint@listsaliothdebianorg>; Source for php5 is src:php5 (PTS, buildd, popcon) Reported by: Henri Salo <henri@nervfi> Date: Wed, 17 Jul 2013 08:51:01 UTC Sever ...
Several security issues were fixed in PHP ...
A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially-crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running ...
A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially-crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running ...
ext/xml/xmlc in PHP before 5327 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct function ...

Github Repositories

rhsecapi rhsecapi makes it easy to interface with the Red Hat Security Data API -- even from behind a proxy From the rpm description: Leverage Red Hat's Security Data API to find CVEs by various attributes (date, severity, scores, package, IAVA, etc) Retrieve customizable details about found CVEs or about specific CVE ids input on cmdline Parse arbitrary stdin for CVE

rhsecapi rhsecapi makes it easy to interface with the Red Hat Security Data API -- even from behind a proxy From the rpm description: Leverage Red Hat's Security Data API to find CVEs by various attributes (date, severity, scores, package, IAVA, etc) Retrieve customizable details about found CVEs or about specific CVE ids input on cmdline Parse arbitrary stdin for CVE