Computer Security
[EN] securityvulns.ru no-pyccku


PHP memory corruption
updated since 15.07.2013
Published:16.07.2013
Source:
SecurityVulns ID:13189
Type:library
Threat Level:
7/10
Description:Memory corruption in XML parsing, jdtojewish function DoS.
Affected:PHP : PHP 5.3
CVE:CVE-2013-4635 (Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service (application hang) via a large argument to the jdtojewish function.)
 CVE-2013-4113 (ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct function.)
Original documentdocumentGabriel Maggiotti, Re: [ MDVSA-2013:195 ] php (16.07.2013)
 documentMANDRIVA, [ MDVSA-2013:195 ] php (15.07.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod