Ubuntu Update For Php5 USN-1905-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

It was discovered that PHP incorrectly handled the xml_parse_into_struct function. If a PHP application parsed untrusted XML, an attacker could use this flaw with a specially-crafted XML document to cause PHP to crash, resulting in a denial of service, or to possibly execute arbitrary code. (CVE-2013-4113) It was discovered that PHP incorrectly handled the jdtojewish function. An attacker could use this flaw to cause PHP to crash, resulting in a denial of service. (CVE-2013-4635)

Affected

php5 on Ubuntu 13.04 , Ubuntu 12.10 , Ubuntu 12.04 LTS , Ubuntu 10.04 LTS

Severity

Classification

CVE CVE-2013-4113, CVE-2013-4635

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for bzip2 USN-1308-1
Ubuntu Update for bzip2 vulnerability USN-590-1
Ubuntu Update for dovecot USN-1143-1
Ubuntu Update for cinder USN-2248-1
Ubuntu Update for apport USN-1668-1

Ubuntu Update for php5 USN-1905-1

Take action and discover your vulnerabilities