Summary
This host is running PHP and is prone to a heap-based buffer overflow vulnerability.
Impact
Successful exploitation will allow attackers to cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.
Solution
Upgrade to PHP version 5.3.27 or later.
For updates, refer to http://php.net/
Insight
The flaw is triggered because user-supplied input is not properly validated when malformed XML input is handled.
Affected
PHP versions prior to 5.3.27
Detection
Get the installed version of PHP with the help of the detect NVT and check whether it is vulnerable.
References
Severity
Classification
- CVE: CVE-2013-4113
- CVSS Base Score: 6.8
- CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P