PHP Multiple Vulnerabilities - June13 (Windows) Network Vulnerability

Summary

This host is running PHP and is prone to multiple vulnerabilities.

Impact

Successful exploitation allows attackers to execute arbitrary code or cause denial of service condition via crafted arguments. Impact Level:System/ Application

Solution

Upgrade to PHP 5.4.16 or 5.3.26 or later, For updates refer to http://www.php.net/downloads.php

Insight

Multiple flaws are due to, - Heap-based overflow in 'php_quot_print_encode' function in 'ext/standard/quot_print.c' script. - Integer overflow in the 'SdnToJewish' function in 'jewish.c' in the Calendar component.

Affected

PHP version before 5.3.26 and 5.4.x before 5.4.16

References

http://bugs.php.net/bug.php?id=64879
http://bugs.php.net/bug.php?id=64895
http://www.php.net/ChangeLog-5.php
http://www.security-database.com/detail.php?alert=CVE-2013-2110
http://www.security-database.com/detail.php?alert=CVE-2013-4635

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-2110, CVE-2013-4635

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Apple Safari Web Script Execution Vulnerabilites - June09
Adobe Reader Multiple Unspecified Vulnerabilities Jun06 (Windows)
Apache Traffic Server Remote DNS Cache Poisoning Vulnerability
Apple Safari Webkit Multiple Vulnerabilities - March 2011
Adobe Reader Multiple Vulnerabilities - Aug07 (Linux)

Take action and discover your vulnerabilities