The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification.
| Max Base Score | 5.0 |
| Published | 2013-11-28 |
| Updated | 2022-10-31 |
| EPSS | 65.18% |
The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function.
| Max Base Score | 7.5 |
| Published | 2013-12-17 |
| Updated | 2018-10-30 |
| EPSS | 94.99% |
The mget function in libmagic/softmagic.c in the Fileinfo component in PHP 5.4.x before 5.4.16 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via an MP3 file that triggers incorrect MIME type detection during access to an finfo object.
| Max Base Score | 4.3 |
| Published | 2013-06-21 |
| Updated | 2013-06-24 |
| EPSS | 0.41% |
Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service (application hang) via a large argument to the jdtojewish function.
| Max Base Score | 5.0 |
| Published | 2013-06-21 |
| Updated | 2013-09-12 |
| EPSS | 4.50% |
ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct function.
| Max Base Score | 6.8 |
| Published | 2013-07-13 |
| Updated | 2022-08-16 |
| EPSS | 73.21% |
** DISPUTED ** The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, which allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted function definition, as demonstrated by an attack within a shared web-hosting environment. NOTE: the vendor's http://php.net/security-note.php page says "for critical security situations you should be using OS-level security by running multiple web servers each as their own user id."
| Max Base Score | 5.0 |
| Published | 2013-05-31 |
| Updated | 2013-06-03 |
| EPSS | 0.30% |
Heap-based buffer overflow in the php_quot_print_encode function in ext/standard/quot_print.c in PHP before 5.3.26 and 5.4.x before 5.4.16 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted argument to the quoted_printable_encode function.
| Max Base Score | 5.0 |
| Published | 2013-06-21 |
| Updated | 2016-12-31 |
| EPSS | 5.47% |
7 vulnerabilities found