CVE-2013-4113
php: xml_parse_into_struct buffer overflow when parsing deeply nested XML
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct function.
ext/xml/xml.c en PHP anteriores a v5.3.27 no consideran adecuado un análisis sintáctico profundo, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria dinámica)o posiblemente tener otro impacto no especificado a través de documentos manipulados que sea procesado por la función xml_parse_into_struct.
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially-crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running the PHP interpreter. All php53 users should upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2013-06-12 CVE Reserved
- 2013-07-13 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (21)
| URL | Tag | Source |
|---|---|---|
| http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=7d163e8a0880ae8af2dd869071393e5dc07ef271 | X_refsource_confirm | |
| http://secunia.com/advisories/54071 | Third Party Advisory | |
| http://secunia.com/advisories/54104 | Third Party Advisory | |
| http://secunia.com/advisories/54163 | Third Party Advisory | |
| http://secunia.com/advisories/54165 | Third Party Advisory | |
| http://support.apple.com/kb/HT6150 | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00034.html | 2023-11-07 | |
| http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html | 2023-11-07 | |
| http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00007.html | 2023-11-07 | |
| http://php.net/ChangeLog-5.php | 2023-11-07 | |
| http://php.net/archive/2013.php#id2013-07-11-1 | 2023-11-07 | |
| http://rhn.redhat.com/errata/RHSA-2013-1049.html | 2023-11-07 | |
| http://rhn.redhat.com/errata/RHSA-2013-1050.html | 2023-11-07 | |
| http://rhn.redhat.com/errata/RHSA-2013-1061.html | 2023-11-07 | |
| http://rhn.redhat.com/errata/RHSA-2013-1062.html | 2023-11-07 | |
| http://rhn.redhat.com/errata/RHSA-2013-1063.html | 2023-11-07 | |
| http://www.debian.org/security/2013/dsa-2723 | 2023-11-07 | |
| http://www.ubuntu.com/usn/USN-1905-1 | 2023-11-07 | |
| https://bugs.php.net/bug.php?id=65236 | 2023-11-07 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=983689 | 2013-07-15 | |
| https://access.redhat.com/security/cve/CVE-2013-4113 | 2013-07-15 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | >= 5.3.0 < 5.3.27 Search vendor "Php" for product "Php" and version " >= 5.3.0 < 5.3.27" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | >= 5.4.0 < 5.4.18 Search vendor "Php" for product "Php" and version " >= 5.4.0 < 5.4.18" | - |
Affected
| ||||||