|
|
Log in / Subscribe / Register

php53: code execution

Package(s):php53 CVE #(s):CVE-2013-6420
Created:December 11, 2013 Updated:January 14, 2014
Description: From the Red Hat advisory:

A memory corruption flaw was found in the way the openssl_x509_parse() function of the PHP openssl extension parsed X.509 certificates. A remote attacker could use this flaw to provide a malicious self-signed certificate or a certificate signed by a trusted authority to a PHP application using the aforementioned function, causing the application to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the user running the PHP interpreter.

Alerts:
Fedora FEDORA-2015-4216 php 2015-03-31
Gentoo 201408-11 php 2014-08-29
SUSE SUSE-SU-2014:0873-2 PHP5 2014-07-07
SUSE SUSE-SU-2014:0873-1 PHP5 2014-07-05
Mandriva MDVSA-2014:014 php 2014-01-21
Slackware SSA:2014-013-03 php 2014-01-13
openSUSE openSUSE-SU-2013:1963-1 php5 2013-12-27
openSUSE openSUSE-SU-2013:1964-1 php5 2013-12-27
Mandriva MDVSA-2013:298 php 2013-12-20
Mageia MGASA-2013-0379 php 2013-12-19
Fedora FEDORA-2013-23164 php 2013-12-20
Fedora FEDORA-2013-23215 php 2013-12-20
Fedora FEDORA-2013-23208 php 2013-12-13
Debian DSA-2816-1 php5 2013-12-12
Ubuntu USN-2055-1 php5 2013-12-12
Red Hat RHSA-2013:1825-01 php53 2013-12-11
Red Hat RHSA-2013:1824-01 php 2013-12-11
Red Hat RHSA-2013:1826-01 php 2013-12-12
Scientific Linux SLSA-2013:1814-1 php 2013-12-11
Scientific Linux SLSA-2013:1813-1 php53 and php 2013-12-11
Oracle ELSA-2013-1814 php 2013-12-11
Oracle ELSA-2013-1813 php53 2013-12-11
Oracle ELSA-2013-1813 php53 2013-12-10
CentOS CESA-2013:1813 php53 2013-12-11
CentOS CESA-2013:1814 php 2013-12-11
CentOS CESA-2013:1813 php53 2013-12-11
Red Hat RHSA-2013:1814-01 php 2013-12-11
Red Hat RHSA-2013:1813-01 php53 2013-12-11
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds