Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Update for php53 RHSA-2013:1050-01
Summary:The remote host is missing an update for the 'php53'; package(s) announced via the referenced advisory.
The remote host is missing an update for the 'php53'
package(s) announced via the referenced advisory.

Vulnerability Insight:
PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Server.

A buffer overflow flaw was found in the way PHP parsed deeply nested XML
documents. If a PHP application used the xml_parse_into_struct() function
to parse untrusted XML content, an attacker able to supply
specially-crafted XML could use this flaw to crash the application or,
possibly, execute arbitrary code with the privileges of the user running
the PHP interpreter. (CVE-2013-4113)

All php53 users should upgrade to these updated packages, which contain a
backported patch to resolve this issue. After installing the updated
packages, the httpd daemon must be restarted for the update to take effect.

Affected Software/OS:
php53 on Red Hat Enterprise Linux (v. 5 server)

Please Install the Updated Packages.

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-4113
Debian Security Information: DSA-2723 (Google Search)
RedHat Security Advisories: RHSA-2013:1049
RedHat Security Advisories: RHSA-2013:1050
RedHat Security Advisories: RHSA-2013:1061
RedHat Security Advisories: RHSA-2013:1062
RedHat Security Advisories: RHSA-2013:1063
SuSE Security Announcement: SUSE-SU-2013:1285 (Google Search)
SuSE Security Announcement: SUSE-SU-2013:1315 (Google Search)
SuSE Security Announcement: SUSE-SU-2013:1316 (Google Search)
CopyrightCopyright (c) 2013 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.