ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct function.
http://git.php.net/?p=php-src.git;a=commit;h=7d163e8a0880ae8af2dd869071393e5dc07ef271
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00034.html
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00007.html
http://php.net/archive/2013.php#id2013-07-11-1
http://php.net/ChangeLog-5.php
http://rhn.redhat.com/errata/RHSA-2013-1049.html
http://rhn.redhat.com/errata/RHSA-2013-1050.html
http://rhn.redhat.com/errata/RHSA-2013-1061.html
http://rhn.redhat.com/errata/RHSA-2013-1062.html
http://rhn.redhat.com/errata/RHSA-2013-1063.html
http://secunia.com/advisories/54071
http://secunia.com/advisories/54104
http://secunia.com/advisories/54163
http://secunia.com/advisories/54165
http://support.apple.com/kb/HT6150
http://www.debian.org/security/2013/dsa-2723
http://www.ubuntu.com/usn/USN-1905-1
OR
cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.6:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.7:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.8:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.9:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.10:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.11:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.12:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.13:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.14:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.15:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.16:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.17:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.18:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.19:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.20:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.21:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.22:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.23:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.24:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.3.25:*:*:*:*:*:*:*
cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions up to 5.3.26 (inclusive)
ID | Name | Product | Family | Severity |
---|---|---|---|---|
102079 | Juniper Junos PHP multiple vulnerabilities (JSA10804) | Nessus | Junos Local Security Checks | high |
83598 | SUSE SLES11 Security Update : PHP5 (SUSE-SU-2013:1316-1) | Nessus | SuSE Local Security Checks | medium |
83477 | F5 Networks BIG-IP : PHP vulnerability (SOL15169) | Nessus | F5 Networks Local Security Checks | medium |
80736 | Oracle Solaris Third-Party Patch Update : php (cve_2013_4113_buffer_errors) | Nessus | Solaris Local Security Checks | critical |
79288 | RHEL 5 : php53 (RHSA-2013:1062) | Nessus | Red Hat Local Security Checks | medium |
79287 | RHEL 5 / 6 : php (RHSA-2013:1061) | Nessus | Red Hat Local Security Checks | medium |
77455 | GLSA-201408-11 : PHP: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | high |
75096 | openSUSE Security Update : php5 (openSUSE-SU-2013:1244-1) | Nessus | SuSE Local Security Checks | high |
8138 | Mac OS X < 10.9.2 Multiple Vulnerabilities | Nessus Network Monitor | Web Clients | critical |
72688 | Mac OS X Multiple Vulnerabilities (Security Update 2014-001) (BEAST) | Nessus | MacOS X Local Security Checks | critical |
72687 | Mac OS X 10.9.x < 10.9.2 Multiple Vulnerabilities | Nessus | MacOS X Local Security Checks | critical |
69770 | Amazon Linux AMI : php54 (ALAS-2013-212) | Nessus | Amazon Linux Local Security Checks | medium |
69769 | Amazon Linux AMI : php (ALAS-2013-211) | Nessus | Amazon Linux Local Security Checks | medium |
6999 | PHP 5.5.x < 5.5.1 xml.c Buffer Overflow | Nessus Network Monitor | Web Servers | high |
6996 | PHP 5.4.x < 5.4.18 Multiple Vulnerabilities | Nessus Network Monitor | Web Servers | high |
69401 | PHP 5.4.x < 5.4.19 Multiple Vulnerabilities | Nessus | CGI abuses | medium |
69348 | PHP 5.5.x < 5.5.1 xml.c Buffer Overflow | Nessus | CGI abuses | medium |
69296 | SuSE 11.2 / 11.3 Security Update : PHP5 (SAT Patch Numbers 8087 / 8088) | Nessus | SuSE Local Security Checks | high |
69295 | SuSE 11.2 / 11.3 Security Update : PHP5 (SAT Patch Numbers 8087 / 8088) | Nessus | SuSE Local Security Checks | high |
69294 | SuSE 11.2 Security Update : PHP5 (SAT Patch Number 8086) | Nessus | SuSE Local Security Checks | high |
69172 | SuSE 10 Security Update : PHP5 (ZYPP Patch Number 8647) | Nessus | SuSE Local Security Checks | high |
69009 | Oracle Linux 4 : php (ELSA-2013-1063) | Nessus | Oracle Linux Local Security Checks | medium |
69001 | Fedora 17 : php-5.4.17-2.fc17 (2013-12354) | Nessus | Fedora Local Security Checks | medium |
69000 | Fedora 18 : php-5.4.17-2.fc18 (2013-12315) | Nessus | Fedora Local Security Checks | medium |
68973 | Fedora 19 : php-5.5.0-2.fc19 (2013-12977) | Nessus | Fedora Local Security Checks | medium |
68942 | Debian DSA-2723-1 : php5 - heap corruption | Nessus | Debian Local Security Checks | medium |
68923 | Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 : php5 vulnerabilities (USN-1905-1) | Nessus | Ubuntu Local Security Checks | medium |
68917 | FreeBSD : PHP5 -- Heap corruption in XML parser (31b145f2-d9d3-49a9-8023-11cf742205dc) | Nessus | FreeBSD Local Security Checks | medium |
68916 | Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : php (SSA:2013-197-01) | Nessus | Slackware Local Security Checks | medium |
801404 | PHP 5.3.x < 5.3.27 Information Disclosure | Log Correlation Engine | Web Servers | medium |
6928 | PHP 5.3.x < 5.3.27 Information Disclosure | Nessus Network Monitor | Web Servers | medium |
68868 | Scientific Linux Security Update : php on SL5.x, SL6.x i386/x86_64 (20130712) | Nessus | Scientific Linux Local Security Checks | medium |
68867 | Scientific Linux Security Update : php53 on SL5.x i386/x86_64 (20130712) | Nessus | Scientific Linux Local Security Checks | medium |
68866 | RHEL 5 : php53 (RHSA-2013:1050) | Nessus | Red Hat Local Security Checks | medium |
68865 | RHEL 5 / 6 : php (RHSA-2013:1049) | Nessus | Red Hat Local Security Checks | medium |
68864 | Oracle Linux 5 : php53 (ELSA-2013-1050) | Nessus | Oracle Linux Local Security Checks | medium |
68863 | Oracle Linux 5 / 6 : php (ELSA-2013-1049) | Nessus | Oracle Linux Local Security Checks | medium |
68862 | Mandriva Linux Security Advisory : php (MDVSA-2013:195) | Nessus | Mandriva Local Security Checks | medium |
68859 | CentOS 5 : php53 (CESA-2013:1050) | Nessus | CentOS Local Security Checks | medium |
68858 | CentOS 5 / 6 : php (CESA-2013:1049) | Nessus | CentOS Local Security Checks | medium |
67259 | PHP 5.3.x < 5.3.27 Multiple Vulnerabilities | Nessus | CGI abuses | medium |