4.3 - CVE-2013-4248

Executive Summary

Informations
Name	CVE-2013-4248	First vendor Publication	2013-08-17
Vendor	Cve	Last vendor Modification	2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Cvss Base Score	4.3	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4248

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-20	Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:18760

Oval ID:	oval:org.mitre.oval:def:18760
Title:	DSA-2742-1 php5 - interpretation conflict
Description:	It was discovered that PHP, a general-purpose scripting language commonly used for web application development, did not properly process embedded NUL characters in the subjectAltName extension of X.509 certificates. Depending on the application and with insufficient CA-level checks, this could be abused for impersonating other users.
Family:	unix	Class:	patch
Reference(s):	DSA-2742-1 CVE-2013-4248	Version:	8
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	php5
Definition Synopsis:
Release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND php5 DPKG is earlier than 5.3.3-7+squeeze17 AND Release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND php5 DPKG is earlier than 5.4.4-14+deb7u4

Definition Id: oval:org.mitre.oval:def:18927

Oval ID:	oval:org.mitre.oval:def:18927
Title:	USN-1937-1 -- php5 vulnerability
Description:	Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet.
Family:	unix	Class:	patch
Reference(s):	USN-1937-1 CVE-2013-4248	Version:	7
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04	Product(s):	php5
Definition Synopsis:
Release section Ubuntu 13.04 is installed Packages match section libapache2-mod-php5 DPKG is earlier than 5.4.9-4ubuntu2.3 AND php5-cgi DPKG is earlier than 5.4.9-4ubuntu2.3 AND php5-cli DPKG is earlier than 5.4.9-4ubuntu2.3 AND Release section Ubuntu 12.10 is installed Packages match section libapache2-mod-php5 DPKG is earlier than 5.4.6-1ubuntu1.4 AND php5-cgi DPKG is earlier than 5.4.6-1ubuntu1.4 AND php5-cli DPKG is earlier than 5.4.6-1ubuntu1.4 AND Release section Ubuntu 12.04 is installed Packages match section libapache2-mod-php5 DPKG is earlier than 5.3.10-1ubuntu3.8 AND php5-cgi DPKG is earlier than 5.3.10-1ubuntu3.8 AND php5-cli DPKG is earlier than 5.3.10-1ubuntu3.8 AND Release section Ubuntu 10.04 is installed Packages match section libapache2-mod-php5 DPKG is earlier than 5.3.2-1ubuntu4.21 AND libapache2-mod-php5filter DPKG is earlier than 5.3.2-1ubuntu4.21 AND php5-cgi DPKG is earlier than 5.3.2-1ubuntu4.21 AND php5-cli DPKG is earlier than 5.3.2-1ubuntu4.21

Definition Id: oval:org.mitre.oval:def:21114

Oval ID:	oval:org.mitre.oval:def:21114
Title:	RHSA-2013:1307: php53 security, bug fix and enhancement update (Moderate)
Description:	The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:1307-01 CESA-2013:1307 CVE-2006-7243 CVE-2011-1398 CVE-2012-0831 CVE-2012-2688 CVE-2013-1643 CVE-2013-4248	Version:	87
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	php53
Definition Synopsis:
Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x Packages section php53-odbc is earlier than 0:5.3.3-21.el5 AND php53-mbstring is earlier than 0:5.3.3-21.el5 AND php53-gd is earlier than 0:5.3.3-21.el5 AND php53-intl is earlier than 0:5.3.3-21.el5 AND php53-pgsql is earlier than 0:5.3.3-21.el5 AND php53-mysql is earlier than 0:5.3.3-21.el5 AND php53-dba is earlier than 0:5.3.3-21.el5 AND php53-process is earlier than 0:5.3.3-21.el5 AND php53 is earlier than 0:5.3.3-21.el5 AND php53-common is earlier than 0:5.3.3-21.el5 AND php53-imap is earlier than 0:5.3.3-21.el5 AND php53-bcmath is earlier than 0:5.3.3-21.el5 AND php53-ldap is earlier than 0:5.3.3-21.el5 AND php53-soap is earlier than 0:5.3.3-21.el5 AND php53-xmlrpc is earlier than 0:5.3.3-21.el5 AND php53-cli is earlier than 0:5.3.3-21.el5 AND php53-devel is earlier than 0:5.3.3-21.el5 AND php53-pspell is earlier than 0:5.3.3-21.el5 AND php53-xml is earlier than 0:5.3.3-21.el5 AND php53-snmp is earlier than 0:5.3.3-21.el5 AND php53-pdo is earlier than 0:5.3.3-21.el5

Definition Id: oval:org.mitre.oval:def:23222

Oval ID:	oval:org.mitre.oval:def:23222
Title:	ELSA-2013:1307: php53 security, bug fix and enhancement update (Moderate)
Description:	The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:1307-01 CVE-2006-7243 CVE-2011-1398 CVE-2012-0831 CVE-2012-2688 CVE-2013-1643 CVE-2013-4248	Version:	29
Platform(s):	Oracle Linux 5	Product(s):	php53
Definition Synopsis:
Oracle Linux 5.x rpm test php53-odbc is earlier than 0:5.3.3-21.el5 AND php53-mbstring is earlier than 0:5.3.3-21.el5 AND php53-gd is earlier than 0:5.3.3-21.el5 AND php53-intl is earlier than 0:5.3.3-21.el5 AND php53-pgsql is earlier than 0:5.3.3-21.el5 AND php53-mysql is earlier than 0:5.3.3-21.el5 AND php53-dba is earlier than 0:5.3.3-21.el5 AND php53-process is earlier than 0:5.3.3-21.el5 AND php53 is earlier than 0:5.3.3-21.el5 AND php53-common is earlier than 0:5.3.3-21.el5 AND php53-imap is earlier than 0:5.3.3-21.el5 AND php53-bcmath is earlier than 0:5.3.3-21.el5 AND php53-ldap is earlier than 0:5.3.3-21.el5 AND php53-soap is earlier than 0:5.3.3-21.el5 AND php53-xmlrpc is earlier than 0:5.3.3-21.el5 AND php53-cli is earlier than 0:5.3.3-21.el5 AND php53-devel is earlier than 0:5.3.3-21.el5 AND php53-pspell is earlier than 0:5.3.3-21.el5 AND php53-xml is earlier than 0:5.3.3-21.el5 AND php53-snmp is earlier than 0:5.3.3-21.el5 AND php53-pdo is earlier than 0:5.3.3-21.el5

Definition Id: oval:org.mitre.oval:def:25081

Oval ID:	oval:org.mitre.oval:def:25081
Title:	SUSE-SU-2014:0062-1 -- Security update for PHP5
Description:	This update fixes the following issues: * memory corruption in openssl_parse_x509 (CVE-2013-6420) * man-in-the-middle attacks by specially crafting certificates (CVE-2013-4248)
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0062-1 CVE-2013-6420 CVE-2013-4248	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	PHP5
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section apache2-mod_php5 RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5 RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-bcmath RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-bz2 RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-calendar RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-ctype RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-curl RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-dba RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-dbase RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-dom RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-exif RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-fastcgi RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-ftp RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-gd RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-gettext RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-gmp RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-hash RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-iconv RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-json RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-ldap RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-mbstring RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-mcrypt RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-mysql RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-odbc RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-openssl RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-pcntl RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-pdo RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-pear RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-pgsql RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-pspell RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-shmop RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-snmp RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-soap RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-suhosin RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-sysvmsg RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-sysvsem RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-sysvshm RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-tokenizer RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-wddx RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-xmlreader RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-xmlrpc RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-xmlwriter RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-xsl RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-zip RPM is earlier than 0:5.2.14-0.7.30.50.1 AND php5-zlib RPM is earlier than 0:5.2.14-0.7.30.50.1

Definition Id: oval:org.mitre.oval:def:25595

Oval ID:	oval:org.mitre.oval:def:25595
Title:	SUSE-SU-2014:0064-1 -- Security update for PHP5
Description:	This update fixes the following issues: * memory corruption in openssl_parse_x509 (CVE-2013-6420) * Heap buffer over-read in DateInterval (CVE-2013-6712) * man-in-the-middle attacks by specially crafting certificates (CVE-2013-4248)
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0064-1 CVE-2013-6420 CVE-2013-6712 CVE-2013-4248	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	PHP5
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section apache2-mod_php53 RPM is earlier than 0:5.3.8-0.43.1 AND php53 RPM is earlier than 0:5.3.8-0.43.1 AND php53-bcmath RPM is earlier than 0:5.3.8-0.43.1 AND php53-bz2 RPM is earlier than 0:5.3.8-0.43.1 AND php53-calendar RPM is earlier than 0:5.3.8-0.43.1 AND php53-ctype RPM is earlier than 0:5.3.8-0.43.1 AND php53-curl RPM is earlier than 0:5.3.8-0.43.1 AND php53-dba RPM is earlier than 0:5.3.8-0.43.1 AND php53-dom RPM is earlier than 0:5.3.8-0.43.1 AND php53-exif RPM is earlier than 0:5.3.8-0.43.1 AND php53-fastcgi RPM is earlier than 0:5.3.8-0.43.1 AND php53-fileinfo RPM is earlier than 0:5.3.8-0.43.1 AND php53-ftp RPM is earlier than 0:5.3.8-0.43.1 AND php53-gd RPM is earlier than 0:5.3.8-0.43.1 AND php53-gettext RPM is earlier than 0:5.3.8-0.43.1 AND php53-gmp RPM is earlier than 0:5.3.8-0.43.1 AND php53-iconv RPM is earlier than 0:5.3.8-0.43.1 AND php53-intl RPM is earlier than 0:5.3.8-0.43.1 AND php53-json RPM is earlier than 0:5.3.8-0.43.1 AND php53-ldap RPM is earlier than 0:5.3.8-0.43.1 AND php53-mbstring RPM is earlier than 0:5.3.8-0.43.1 AND php53-mcrypt RPM is earlier than 0:5.3.8-0.43.1 AND php53-mysql RPM is earlier than 0:5.3.8-0.43.1 AND php53-odbc RPM is earlier than 0:5.3.8-0.43.1 AND php53-openssl RPM is earlier than 0:5.3.8-0.43.1 AND php53-pcntl RPM is earlier than 0:5.3.8-0.43.1 AND php53-pdo RPM is earlier than 0:5.3.8-0.43.1 AND php53-pear RPM is earlier than 0:5.3.8-0.43.1 AND php53-pgsql RPM is earlier than 0:5.3.8-0.43.1 AND php53-pspell RPM is earlier than 0:5.3.8-0.43.1 AND php53-shmop RPM is earlier than 0:5.3.8-0.43.1 AND php53-snmp RPM is earlier than 0:5.3.8-0.43.1 AND php53-soap RPM is earlier than 0:5.3.8-0.43.1 AND php53-suhosin RPM is earlier than 0:5.3.8-0.43.1 AND php53-sysvmsg RPM is earlier than 0:5.3.8-0.43.1 AND php53-sysvsem RPM is earlier than 0:5.3.8-0.43.1 AND php53-sysvshm RPM is earlier than 0:5.3.8-0.43.1 AND php53-tokenizer RPM is earlier than 0:5.3.8-0.43.1 AND php53-wddx RPM is earlier than 0:5.3.8-0.43.1 AND php53-xmlreader RPM is earlier than 0:5.3.8-0.43.1 AND php53-xmlrpc RPM is earlier than 0:5.3.8-0.43.1 AND php53-xmlwriter RPM is earlier than 0:5.3.8-0.43.1 AND php53-xsl RPM is earlier than 0:5.3.8-0.43.1 AND php53-zip RPM is earlier than 0:5.3.8-0.43.1 AND php53-zlib RPM is earlier than 0:5.3.8-0.43.1

Definition Id: oval:org.mitre.oval:def:25611

Oval ID:	oval:org.mitre.oval:def:25611
Title:	SUSE-SU-2014:0063-1 -- Security update for PHP5
Description:	This update fixes the following issues: * memory corruption in openssl_parse_x509 (CVE-2013-6420) * Heap buffer over-read in DateInterval (CVE-2013-6712) * man-in-the-middle attacks by specially crafting certificates (CVE-2013-4248)
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0063-1 CVE-2013-6420 CVE-2013-6712 CVE-2013-4248	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	PHP5
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section apache2-mod_php53 RPM is earlier than 0:5.3.17-0.17.1 AND php53 RPM is earlier than 0:5.3.17-0.17.1 AND php53-bcmath RPM is earlier than 0:5.3.17-0.17.1 AND php53-bz2 RPM is earlier than 0:5.3.17-0.17.1 AND php53-calendar RPM is earlier than 0:5.3.17-0.17.1 AND php53-ctype RPM is earlier than 0:5.3.17-0.17.1 AND php53-curl RPM is earlier than 0:5.3.17-0.17.1 AND php53-dba RPM is earlier than 0:5.3.17-0.17.1 AND php53-dom RPM is earlier than 0:5.3.17-0.17.1 AND php53-exif RPM is earlier than 0:5.3.17-0.17.1 AND php53-fastcgi RPM is earlier than 0:5.3.17-0.17.1 AND php53-fileinfo RPM is earlier than 0:5.3.17-0.17.1 AND php53-ftp RPM is earlier than 0:5.3.17-0.17.1 AND php53-gd RPM is earlier than 0:5.3.17-0.17.1 AND php53-gettext RPM is earlier than 0:5.3.17-0.17.1 AND php53-gmp RPM is earlier than 0:5.3.17-0.17.1 AND php53-iconv RPM is earlier than 0:5.3.17-0.17.1 AND php53-intl RPM is earlier than 0:5.3.17-0.17.1 AND php53-json RPM is earlier than 0:5.3.17-0.17.1 AND php53-ldap RPM is earlier than 0:5.3.17-0.17.1 AND php53-mbstring RPM is earlier than 0:5.3.17-0.17.1 AND php53-mcrypt RPM is earlier than 0:5.3.17-0.17.1 AND php53-mysql RPM is earlier than 0:5.3.17-0.17.1 AND php53-odbc RPM is earlier than 0:5.3.17-0.17.1 AND php53-openssl RPM is earlier than 0:5.3.17-0.17.1 AND php53-pcntl RPM is earlier than 0:5.3.17-0.17.1 AND php53-pdo RPM is earlier than 0:5.3.17-0.17.1 AND php53-pear RPM is earlier than 0:5.3.17-0.17.1 AND php53-pgsql RPM is earlier than 0:5.3.17-0.17.1 AND php53-pspell RPM is earlier than 0:5.3.17-0.17.1 AND php53-shmop RPM is earlier than 0:5.3.17-0.17.1 AND php53-snmp RPM is earlier than 0:5.3.17-0.17.1 AND php53-soap RPM is earlier than 0:5.3.17-0.17.1 AND php53-suhosin RPM is earlier than 0:5.3.17-0.17.1 AND php53-sysvmsg RPM is earlier than 0:5.3.17-0.17.1 AND php53-sysvsem RPM is earlier than 0:5.3.17-0.17.1 AND php53-sysvshm RPM is earlier than 0:5.3.17-0.17.1 AND php53-tokenizer RPM is earlier than 0:5.3.17-0.17.1 AND php53-wddx RPM is earlier than 0:5.3.17-0.17.1 AND php53-xmlreader RPM is earlier than 0:5.3.17-0.17.1 AND php53-xmlrpc RPM is earlier than 0:5.3.17-0.17.1 AND php53-xmlwriter RPM is earlier than 0:5.3.17-0.17.1 AND php53-xsl RPM is earlier than 0:5.3.17-0.17.1 AND php53-zip RPM is earlier than 0:5.3.17-0.17.1 AND php53-zlib RPM is earlier than 0:5.3.17-0.17.1

Definition Id: oval:org.mitre.oval:def:26232

Oval ID:	oval:org.mitre.oval:def:26232
Title:	SUSE-SU-2014:0873-1 -- Security update for PHP5
Description:	PHP5 has been updated to fix four security vulnerabilities.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0873-1 CVE-2014-4049 CVE-2014-2497 CVE-2013-6420 CVE-2013-4248	Version:	3
Platform(s):	SUSE Linux Enterprise Server 10	Product(s):	PHP5
Definition Synopsis:
SUSE Linux Enterprise Server 10 is installed Packages match section apache2-mod_php5 RPM is earlier than 0:5.2.14-0.48.1 AND php5 RPM is earlier than 0:5.2.14-0.48.1 AND php5-bcmath RPM is earlier than 0:5.2.14-0.48.1 AND php5-bz2 RPM is earlier than 0:5.2.14-0.48.1 AND php5-calendar RPM is earlier than 0:5.2.14-0.48.1 AND php5-ctype RPM is earlier than 0:5.2.14-0.48.1 AND php5-curl RPM is earlier than 0:5.2.14-0.48.1 AND php5-dba RPM is earlier than 0:5.2.14-0.48.1 AND php5-dbase RPM is earlier than 0:5.2.14-0.48.1 AND php5-devel RPM is earlier than 0:5.2.14-0.48.1 AND php5-dom RPM is earlier than 0:5.2.14-0.48.1 AND php5-exif RPM is earlier than 0:5.2.14-0.48.1 AND php5-fastcgi RPM is earlier than 0:5.2.14-0.48.1 AND php5-ftp RPM is earlier than 0:5.2.14-0.48.1 AND php5-gd RPM is earlier than 0:5.2.14-0.48.1 AND php5-gettext RPM is earlier than 0:5.2.14-0.48.1 AND php5-gmp RPM is earlier than 0:5.2.14-0.48.1 AND php5-hash RPM is earlier than 0:5.2.14-0.48.1 AND php5-iconv RPM is earlier than 0:5.2.14-0.48.1 AND php5-imap RPM is earlier than 0:5.2.14-0.48.1 AND php5-json RPM is earlier than 0:5.2.14-0.48.1 AND php5-ldap RPM is earlier than 0:5.2.14-0.48.1 AND php5-mbstring RPM is earlier than 0:5.2.14-0.48.1 AND php5-mcrypt RPM is earlier than 0:5.2.14-0.48.1 AND php5-mhash RPM is earlier than 0:5.2.14-0.48.1 AND php5-mysql RPM is earlier than 0:5.2.14-0.48.1 AND php5-ncurses RPM is earlier than 0:5.2.14-0.48.1 AND php5-odbc RPM is earlier than 0:5.2.14-0.48.1 AND php5-openssl RPM is earlier than 0:5.2.14-0.48.1 AND php5-pcntl RPM is earlier than 0:5.2.14-0.48.1 AND php5-pdo RPM is earlier than 0:5.2.14-0.48.1 AND php5-pear RPM is earlier than 0:5.2.14-0.48.1 AND php5-pgsql RPM is earlier than 0:5.2.14-0.48.1 AND php5-posix RPM is earlier than 0:5.2.14-0.48.1 AND php5-pspell RPM is earlier than 0:5.2.14-0.48.1 AND php5-shmop RPM is earlier than 0:5.2.14-0.48.1 AND php5-snmp RPM is earlier than 0:5.2.14-0.48.1 AND php5-soap RPM is earlier than 0:5.2.14-0.48.1 AND php5-sockets RPM is earlier than 0:5.2.14-0.48.1 AND php5-sqlite RPM is earlier than 0:5.2.14-0.48.1 AND php5-suhosin RPM is earlier than 0:5.2.14-0.48.1 AND php5-sysvmsg RPM is earlier than 0:5.2.14-0.48.1 AND php5-sysvsem RPM is earlier than 0:5.2.14-0.48.1 AND php5-sysvshm RPM is earlier than 0:5.2.14-0.48.1 AND php5-tokenizer RPM is earlier than 0:5.2.14-0.48.1 AND php5-wddx RPM is earlier than 0:5.2.14-0.48.1 AND php5-xmlreader RPM is earlier than 0:5.2.14-0.48.1 AND php5-xmlrpc RPM is earlier than 0:5.2.14-0.48.1 AND php5-xsl RPM is earlier than 0:5.2.14-0.48.1 AND php5-zlib RPM is earlier than 0:5.2.14-0.48.1

Definition Id: oval:org.mitre.oval:def:26428

Oval ID:	oval:org.mitre.oval:def:26428
Title:	HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Service (DoS) and Other Vulnerabilities
Description:	The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2013-4248	Version:	4
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
HP-UX B.11.23 AND filesets test hpuxws22APCH32.APACHE version is less than B.2.2.15.21 AND hpuxws22APCH32.APACHE2 version is less than B.2.2.15.21 AND hpuxws22APCH32.AUTH_LDAP version is less than B.2.2.15.21 AND hpuxws22APCH32.AUTH_LDAP2 version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_JK version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_JK2 version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_PERL version is less than B.2.2.15.21 AND hpuxws22APCH32.MOD_PERL2 version is less than B.2.2.15.21 AND hpuxws22APCH32.PHP version is less than B.2.2.15.21 AND hpuxws22APCH32.PHP2 version is less than B.2.2.15.21 AND hpuxws22APCH32.WEBPROXY version is less than B.2.2.15.21 AND hpuxws22APCH32.WEBPROXY2 version is less than B.2.2.15.21 AND hpuxws22APACHE.APACHE version is less than B.2.2.15.21 AND hpuxws22APACHE.APACHE2 version is less than B.2.2.15.21 AND hpuxws22APACHE.AUTH_LDAP version is less than B.2.2.15.21 AND hpuxws22APACHE.AUTH_LDAP2 version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_JK version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_JK2 version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_PERL version is less than B.2.2.15.21 AND hpuxws22APACHE.MOD_PERL2 version is less than B.2.2.15.21 AND hpuxws22APACHE.PHP version is less than B.2.2.15.21 AND hpuxws22APACHE.PHP2 version is less than B.2.2.15.21 AND hpuxws22APACHE.WEBPROXY version is less than B.2.2.15.21 AND hpuxws22APACHE.WEBPROXY2 version is less than B.2.2.15.21 AND hpuxws22TOMCAT.TOMCAT version is less than B.2.2.15.21

Definition Id: oval:org.mitre.oval:def:27044

Oval ID:	oval:org.mitre.oval:def:27044
Title:	RHSA-2013:1615 -- php security, bug fix, and enhancement update (Moderate)
Description:	PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was found that PHP did not properly handle file names with a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions. (CVE-2006-7243) A flaw was found in PHP's SSL client's hostname identity check when handling certificates that contain hostnames with NULL bytes. If an attacker was able to get a carefully crafted certificate signed by a trusted Certificate Authority, the attacker could use the certificate to conduct man-in-the-middle attacks to spoof SSL servers. (CVE-2013-4248) It was found that the PHP SOAP parser allowed the expansion of external XML entities during SOAP message parsing. A remote attacker could possibly use this flaw to read arbitrary files that are accessible to a PHP application using a SOAP extension. (CVE-2013-1643) This update fixes the following bugs: * Previously, when the allow_call_time_pass_reference setting was disabled, a virtual host on the Apache server could terminate with a segmentation fault when attempting to process certain PHP content. This bug has been fixed and virtual hosts no longer crash when allow_call_time_pass_reference is off. (BZ#892158, BZ#910466) * Prior to this update, if an error occurred during the operation of the fclose(), file_put_contents(), or copy() function, the function did not report it. This could have led to data loss. With this update, the aforementioned functions have been modified to properly report any errors. (BZ#947429) * The internal buffer for the SQLSTATE error code can store maximum of 5 characters. Previously, when certain calls exceeded this limit, a buffer overflow occurred. With this update, messages longer than 5 characters are automatically replaced with the default "HY000" string, thus preventing the overflow. (BZ#969110) In addition, this update adds the following enhancement: * This update adds the following rpm macros to the php package: %__php, %php_inidir, %php_incldir. (BZ#953814) Users of php are advised to upgrade to these updated packages, which fix these bugs and add this enhancement. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:1615 CESA-2013:1615 CVE-2006-7243 CVE-2013-1643 CVE-2013-4248	Version:	3
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	php
Definition Synopsis:
Red Hat Enterprise Linux 6 and CentOS Linux 6 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages match section php is earlier than 0:5.3.3-26.el6 AND php-bcmath is earlier than 0:5.3.3-26.el6 AND php-cli is earlier than 0:5.3.3-26.el6 AND php-common is earlier than 0:5.3.3-26.el6 AND php-dba is earlier than 0:5.3.3-26.el6 AND php-devel is earlier than 0:5.3.3-26.el6 AND php-embedded is earlier than 0:5.3.3-26.el6 AND php-enchant is earlier than 0:5.3.3-26.el6 AND php-fpm is earlier than 0:5.3.3-26.el6 AND php-gd is earlier than 0:5.3.3-26.el6 AND php-imap is earlier than 0:5.3.3-26.el6 AND php-intl is earlier than 0:5.3.3-26.el6 AND php-ldap is earlier than 0:5.3.3-26.el6 AND php-mbstring is earlier than 0:5.3.3-26.el6 AND php-mysql is earlier than 0:5.3.3-26.el6 AND php-odbc is earlier than 0:5.3.3-26.el6 AND php-pdo is earlier than 0:5.3.3-26.el6 AND php-pgsql is earlier than 0:5.3.3-26.el6 AND php-process is earlier than 0:5.3.3-26.el6 AND php-pspell is earlier than 0:5.3.3-26.el6 AND php-recode is earlier than 0:5.3.3-26.el6 AND php-snmp is earlier than 0:5.3.3-26.el6 AND php-soap is earlier than 0:5.3.3-26.el6 AND php-tidy is earlier than 0:5.3.3-26.el6 AND php-xml is earlier than 0:5.3.3-26.el6 AND php-xmlrpc is earlier than 0:5.3.3-26.el6 AND php-zts is earlier than 0:5.3.3-26.el6 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 AND php-debuginfo is earlier than 0:5.3.3-26.el6

Definition Id: oval:org.mitre.oval:def:27418

Oval ID:	oval:org.mitre.oval:def:27418
Title:	DEPRECATED: ELSA-2013-1307 -- php53 security, bug fix and enhancement update (moderate)
Description:	[5.3.3-21] - add security fix for CVE-2013-4248
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-1307 CVE-2011-1398 CVE-2012-0831 CVE-2012-2688 CVE-2006-7243 CVE-2013-1643 CVE-2013-4248	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	php53
Definition Synopsis:
Oracle Linux 5.x Packages match section php53 is earlier than 0:5.3.3-21.el5 AND php53-bcmath is earlier than 0:5.3.3-21.el5 AND php53-cli is earlier than 0:5.3.3-21.el5 AND php53-common is earlier than 0:5.3.3-21.el5 AND php53-dba is earlier than 0:5.3.3-21.el5 AND php53-devel is earlier than 0:5.3.3-21.el5 AND php53-gd is earlier than 0:5.3.3-21.el5 AND php53-imap is earlier than 0:5.3.3-21.el5 AND php53-intl is earlier than 0:5.3.3-21.el5 AND php53-ldap is earlier than 0:5.3.3-21.el5 AND php53-mbstring is earlier than 0:5.3.3-21.el5 AND php53-mysql is earlier than 0:5.3.3-21.el5 AND php53-odbc is earlier than 0:5.3.3-21.el5 AND php53-pdo is earlier than 0:5.3.3-21.el5 AND php53-pgsql is earlier than 0:5.3.3-21.el5 AND php53-process is earlier than 0:5.3.3-21.el5 AND php53-pspell is earlier than 0:5.3.3-21.el5 AND php53-snmp is earlier than 0:5.3.3-21.el5 AND php53-soap is earlier than 0:5.3.3-21.el5 AND php53-xml is earlier than 0:5.3.3-21.el5 AND php53-xmlrpc is earlier than 0:5.3.3-21.el5

Definition Id: oval:org.mitre.oval:def:27442

Oval ID:	oval:org.mitre.oval:def:27442
Title:	ELSA-2013-1615 -- php security, bug fix, and enhancement update (moderate)
Description:	[5.3.3-26] - add security fix for CVE-2013-4248 [5.3.3-25] - rename patch to math CVE-2010-3709 name - add security fixes for CVE-2006-7243, CVE-2013-1643 [5.3.3-24] - fix buffer overflow in _pdo_pgsql_error (#969110) - fix double free when destroy_zend_class fails (#910466) - fix segfault in error_handler with allow_call_time_pass_reference = Off (#892158) - fix copy doesn't report failure on partial copy (#947428) - add rpm macros for packagers: %php_inidir, %php_incldir and %__php (#953814)
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-1615 CVE-2006-7243 CVE-2013-1643 CVE-2013-4248	Version:	3
Platform(s):	Oracle Linux 6	Product(s):	php
Definition Synopsis:
Oracle Linux 6.x Packages match section php is earlier than 0:5.3.3-26.el6 AND php-bcmath is earlier than 0:5.3.3-26.el6 AND php-cli is earlier than 0:5.3.3-26.el6 AND php-common is earlier than 0:5.3.3-26.el6 AND php-dba is earlier than 0:5.3.3-26.el6 AND php-devel is earlier than 0:5.3.3-26.el6 AND php-embedded is earlier than 0:5.3.3-26.el6 AND php-enchant is earlier than 0:5.3.3-26.el6 AND php-fpm is earlier than 0:5.3.3-26.el6 AND php-gd is earlier than 0:5.3.3-26.el6 AND php-imap is earlier than 0:5.3.3-26.el6 AND php-intl is earlier than 0:5.3.3-26.el6 AND php-ldap is earlier than 0:5.3.3-26.el6 AND php-mbstring is earlier than 0:5.3.3-26.el6 AND php-mysql is earlier than 0:5.3.3-26.el6 AND php-odbc is earlier than 0:5.3.3-26.el6 AND php-pdo is earlier than 0:5.3.3-26.el6 AND php-pgsql is earlier than 0:5.3.3-26.el6 AND php-process is earlier than 0:5.3.3-26.el6 AND php-pspell is earlier than 0:5.3.3-26.el6 AND php-recode is earlier than 0:5.3.3-26.el6 AND php-snmp is earlier than 0:5.3.3-26.el6 AND php-soap is earlier than 0:5.3.3-26.el6 AND php-tidy is earlier than 0:5.3.3-26.el6 AND php-xml is earlier than 0:5.3.3-26.el6 AND php-xmlrpc is earlier than 0:5.3.3-26.el6 AND php-zts is earlier than 0:5.3.3-26.el6

CPE : Common Platform Enumeration

Type	Description	Count
Application	Php cpe:2.3:a:php:php:5.5.1:::::::* cpe:2.3:a:php:php:5.5.0:-:::::: cpe:2.3:a:php:php:5.4.9:-:::::: cpe:2.3:a:php:php:5.4.9:rc1:::::: cpe:2.3:a:php:php:5.4.8:-:::::: cpe:2.3:a:php:php:5.4.8:rc1:::::: cpe:2.3:a:php:php:5.4.7:-:::::: cpe:2.3:a:php:php:5.4.7:rc1:::::: cpe:2.3:a:php:php:5.4.6:-:::::: cpe:2.3:a:php:php:5.4.6:rc1:::::: cpe:2.3:a:php:php:5.4.5:-:::::: cpe:2.3:a:php:php:5.4.5:rc1:::::: cpe:2.3:a:php:php:5.4.4:-:::::: cpe:2.3:a:php:php:5.4.4:rc1:::::: cpe:2.3:a:php:php:5.4.4:rc2:::::: cpe:2.3:a:php:php:5.4.3:::::::* cpe:2.3:a:php:php:5.4.2:::::::* cpe:2.3:a:php:php:5.4.17:-:::::: cpe:2.3:a:php:php:5.4.17:rc1:::::: cpe:2.3:a:php:php:5.4.16:rc1:::::: cpe:2.3:a:php:php:5.4.16:-:::::: cpe:2.3:a:php:php:5.4.15:rc1:::::: cpe:2.3:a:php:php:5.4.15:-:::::: cpe:2.3:a:php:php:5.4.14:rc1:::::: cpe:2.3:a:php:php:5.4.14:-:::::: cpe:2.3:a:php:php:5.4.13:rc1:::::: cpe:2.3:a:php:php:5.4.13:-:::::: cpe:2.3:a:php:php:5.4.12:rc2:::::: cpe:2.3:a:php:php:5.4.12:rc1:::::: cpe:2.3:a:php:php:5.4.12:-:::::: cpe:2.3:a:php:php:5.4.11:-:::::: cpe:2.3:a:php:php:5.4.11:rc1:::::: cpe:2.3:a:php:php:5.4.10:-:::::: cpe:2.3:a:php:php:5.4.10:rc1:::::: cpe:2.3:a:php:php:5.4.1:::::::* cpe:2.3:a:php:php:5.4.1:rc1:::::: cpe:2.3:a:php:php:5.4.1:rc2:::::: cpe:2.3:a:php:php:5.4.0:beta2:::::: cpe:2.3:a:php:php:5.4.0:beta2:32-bit:::::* cpe:2.3:a:php:php:5.4.0:rc2:::::: cpe:2.3:a:php:php:5.4.0:-:::::: cpe:2.3:a:php:php:5.4.0:alpha1:::::: cpe:2.3:a:php:php:5.4.0:alpha2:::::: cpe:2.3:a:php:php:5.4.0:alpha3:::::: cpe:2.3:a:php:php:5.4.0:beta1:::::: cpe:2.3:a:php:php:5.4.0:rc1:::::: cpe:2.3:a:php:php:5.4.0:rc3:::::: cpe:2.3:a:php:php:5.4.0:rc4:::::: cpe:2.3:a:php:php:5.4.0:rc5:::::: cpe:2.3:a:php:php:5.4.0:rc6:::::: cpe:2.3:a:php:php:5.4.0:rc7:::::: cpe:2.3:a:php:php:5.4.0:rc8:::::: cpe:2.3:a:php:php:5.3.9:-:::::: cpe:2.3:a:php:php:5.3.9:rc1:::::: cpe:2.3:a:php:php:5.3.9:rc2:::::: cpe:2.3:a:php:php:5.3.9:rc3:::::: cpe:2.3:a:php:php:5.3.9:rc4:::::: cpe:2.3:a:php:php:5.3.8:::::::* cpe:2.3:a:php:php:5.3.7:-:::::: cpe:2.3:a:php:php:5.3.7:rc1:::::: cpe:2.3:a:php:php:5.3.7:rc2:::::: cpe:2.3:a:php:php:5.3.7:rc3:::::: cpe:2.3:a:php:php:5.3.7:rc4:::::: cpe:2.3:a:php:php:5.3.7:rc5:::::: cpe:2.3:a:php:php:5.3.6:::::::* cpe:2.3:a:php:php:5.3.6:rc1:::::: cpe:2.3:a:php:php:5.3.6:rc2:::::: cpe:2.3:a:php:php:5.3.6:rc3:::::: cpe:2.3:a:php:php:5.3.5:::::::* cpe:2.3:a:php:php:5.3.4:-:::::: cpe:2.3:a:php:php:5.3.4:rc1:::::: cpe:2.3:a:php:php:5.3.4:rc2:::::: cpe:2.3:a:php:php:5.3.3:-:::::: cpe:2.3:a:php:php:5.3.3:rc1:::::: cpe:2.3:a:php:php:5.3.3:rc2:::::: cpe:2.3:a:php:php:5.3.3:rc3:::::: cpe:2.3:a:php:php:5.3.29:-:::::: cpe:2.3:a:php:php:5.3.29:rc1:::::: cpe:2.3:a:php:php:5.3.28:::::::* cpe:2.3:a:php:php:5.3.27:-:::::: cpe:2.3:a:php:php:5.3.27:rc1:::::: cpe:2.3:a:php:php:5.3.26:-:::::: cpe:2.3:a:php:php:5.3.26:rc1:::::: cpe:2.3:a:php:php:5.3.25:-:::::: cpe:2.3:a:php:php:5.3.25:rc1:::::: cpe:2.3:a:php:php:5.3.24:-:::::: cpe:2.3:a:php:php:5.3.24:rc1:::::: cpe:2.3:a:php:php:5.3.23:-:::::: cpe:2.3:a:php:php:5.3.23:rc1:::::: cpe:2.3:a:php:php:5.3.22:-:::::: cpe:2.3:a:php:php:5.3.22:rc1:::::: cpe:2.3:a:php:php:5.3.22:rc2:::::: cpe:2.3:a:php:php:5.3.21:-:::::: cpe:2.3:a:php:php:5.3.21:rc1:::::: cpe:2.3:a:php:php:5.3.20:-:::::: cpe:2.3:a:php:php:5.3.20:rc1:::::: cpe:2.3:a:php:php:5.3.2:-:::::: cpe:2.3:a:php:php:5.3.2:rc1:::::: cpe:2.3:a:php:php:5.3.2:rc2:::::: cpe:2.3:a:php:php:5.3.2:rc3:::::: cpe:2.3:a:php:php:5.3.19:-:::::: cpe:2.3:a:php:php:5.3.19:rc1:::::: cpe:2.3:a:php:php:5.3.18:-:::::: cpe:2.3:a:php:php:5.3.18:rc1:::::: cpe:2.3:a:php:php:5.3.17:::::::* cpe:2.3:a:php:php:5.3.16:::::::* cpe:2.3:a:php:php:5.3.15:-:::::: cpe:2.3:a:php:php:5.3.15:rc1:::::: cpe:2.3:a:php:php:5.3.14:-:::::: cpe:2.3:a:php:php:5.3.14:rc1:::::: cpe:2.3:a:php:php:5.3.14:rc2:::::: cpe:2.3:a:php:php:5.3.13:::::::* cpe:2.3:a:php:php:5.3.12:::::::* cpe:2.3:a:php:php:5.3.11:-:::::: cpe:2.3:a:php:php:5.3.11:rc1:::::: cpe:2.3:a:php:php:5.3.11:rc2:::::: cpe:2.3:a:php:php:5.3.10:::::::* cpe:2.3:a:php:php:5.3.1:-:::::: cpe:2.3:a:php:php:5.3.1:rc1:::::: cpe:2.3:a:php:php:5.3.1:rc2:::::: cpe:2.3:a:php:php:5.3.1:rc3:::::: cpe:2.3:a:php:php:5.3.1:rc4:::::: cpe:2.3:a:php:php:5.3.0:-:::::: cpe:2.3:a:php:php:5.3.0:alpha1:::::: cpe:2.3:a:php:php:5.3.0:alpha2:::::: cpe:2.3:a:php:php:5.3.0:alpha3:::::: cpe:2.3:a:php:php:5.3.0:beta1:::::: cpe:2.3:a:php:php:5.3.0:rc1:::::: cpe:2.3:a:php:php:5.3.0:rc2:::::: cpe:2.3:a:php:php:5.3.0:rc3:::::: cpe:2.3:a:php:php:5.3.0:rc4:::::: cpe:2.3:a:php:php:5.2.9:-:::::: cpe:2.3:a:php:php:5.2.9:rc1:::::: cpe:2.3:a:php:php:5.2.9:rc2:::::: cpe:2.3:a:php:php:5.2.9:rc3:::::: cpe:2.3:a:php:php:5.2.8:::::::* cpe:2.3:a:php:php:5.2.7:-:::::: cpe:2.3:a:php:php:5.2.7:rc1:::::: cpe:2.3:a:php:php:5.2.7:rc2:::::: cpe:2.3:a:php:php:5.2.7:rc3:::::: cpe:2.3:a:php:php:5.2.7:rc4:::::: cpe:2.3:a:php:php:5.2.7:rc5:::::: cpe:2.3:a:php:php:5.2.6:-:::::: cpe:2.3:a:php:php:5.2.6:rc1:::::: cpe:2.3:a:php:php:5.2.6:rc2:::::: cpe:2.3:a:php:php:5.2.6:rc3:::::: cpe:2.3:a:php:php:5.2.6:rc4:::::: cpe:2.3:a:php:php:5.2.6:rc5:::::: cpe:2.3:a:php:php:5.2.5:-:::::: cpe:2.3:a:php:php:5.2.5:rc1:::::: cpe:2.3:a:php:php:5.2.5:rc2:::::: cpe:2.3:a:php:php:5.2.4::windows::::: cpe:2.3:a:php:php:5.2.4:-:::::: cpe:2.3:a:php:php:5.2.4:rc1:::::: cpe:2.3:a:php:php:5.2.4:rc2:::::: cpe:2.3:a:php:php:5.2.4:rc3:::::: cpe:2.3:a:php:php:5.2.3:-:::::: cpe:2.3:a:php:php:5.2.3:rc1:::::: cpe:2.3:a:php:php:5.2.2:-:::::: cpe:2.3:a:php:php:5.2.2:rc1:::::: cpe:2.3:a:php:php:5.2.2:rc2:::::: cpe:2.3:a:php:php:5.2.17:::::::* cpe:2.3:a:php:php:5.2.16:::::::* cpe:2.3:a:php:php:5.2.15:-:::::: cpe:2.3:a:php:php:5.2.15:rc1:::::: cpe:2.3:a:php:php:5.2.15:rc2:::::: cpe:2.3:a:php:php:5.2.14:-:::::: cpe:2.3:a:php:php:5.2.14:rc1:::::: cpe:2.3:a:php:php:5.2.14:rc2:::::: cpe:2.3:a:php:php:5.2.14:rc3:::::: cpe:2.3:a:php:php:5.2.13:-:::::: cpe:2.3:a:php:php:5.2.13:rc1:::::: cpe:2.3:a:php:php:5.2.13:rc2:::::: cpe:2.3:a:php:php:5.2.12:-:::::: cpe:2.3:a:php:php:5.2.12:rc1:::::: cpe:2.3:a:php:php:5.2.12:rc2:::::: cpe:2.3:a:php:php:5.2.12:rc3:::::: cpe:2.3:a:php:php:5.2.12:rc4:::::: cpe:2.3:a:php:php:5.2.11:-:::::: cpe:2.3:a:php:php:5.2.11:rc1:::::: cpe:2.3:a:php:php:5.2.11:rc2:::::: cpe:2.3:a:php:php:5.2.11:rc3:::::: cpe:2.3:a:php:php:5.2.10:-:::::: cpe:2.3:a:php:php:5.2.10:rc1:::::: cpe:2.3:a:php:php:5.2.10:rc2:::::: cpe:2.3:a:php:php:5.2.1:-:::::: cpe:2.3:a:php:php:5.2.1:rc1:::::: cpe:2.3:a:php:php:5.2.1:rc2:::::: cpe:2.3:a:php:php:5.2.1:rc3:::::: cpe:2.3:a:php:php:5.2.1:rc4:::::: cpe:2.3:a:php:php:5.2.0:::::::* cpe:2.3:a:php:php:5.2.0:rc1:::::: cpe:2.3:a:php:php:5.2.0:rc2:::::: cpe:2.3:a:php:php:5.2.0:rc3:::::: cpe:2.3:a:php:php:5.2.0:rc4:::::: cpe:2.3:a:php:php:5.2.0:rc5:::::: cpe:2.3:a:php:php:5.2.0:rc6:::::: cpe:2.3:a:php:php:5.1.6:::::::* cpe:2.3:a:php:php:5.1.5:-:::::: cpe:2.3:a:php:php:5.1.5:rc1:::::: cpe:2.3:a:php:php:5.1.4:::::::* cpe:2.3:a:php:php:5.1.3:::::::* cpe:2.3:a:php:php:5.1.3:rc1:::::: cpe:2.3:a:php:php:5.1.3:rc2:::::: cpe:2.3:a:php:php:5.1.3:rc3:::::: cpe:2.3:a:php:php:5.1.2:-:::::: cpe:2.3:a:php:php:5.1.2:rc1:::::: cpe:2.3:a:php:php:5.1.2:rc2:::::: cpe:2.3:a:php:php:5.1.1:::::::* cpe:2.3:a:php:php:5.1.0:-:::::: cpe:2.3:a:php:php:5.1.0:beta1:::::: cpe:2.3:a:php:php:5.1.0:beta2:::::: cpe:2.3:a:php:php:5.1.0:beta3:::::: cpe:2.3:a:php:php:5.1.0:rc1:::::: cpe:2.3:a:php:php:5.1.0:rc2:::::: cpe:2.3:a:php:php:5.1.0:rc2-pre:::::: cpe:2.3:a:php:php:5.1.0:rc3:::::: cpe:2.3:a:php:php:5.1.0:rc4:::::: cpe:2.3:a:php:php:5.1.0:rc5:::::: cpe:2.3:a:php:php:5.1.0:rc6:::::: cpe:2.3:a:php:php:5.0.5:-:::::: cpe:2.3:a:php:php:5.0.5:rc1:::::: cpe:2.3:a:php:php:5.0.5:rc2:::::: cpe:2.3:a:php:php:5.0.4:-:::::: cpe:2.3:a:php:php:5.0.4:rc1:::::: cpe:2.3:a:php:php:5.0.4:rc2:::::: cpe:2.3:a:php:php:5.0.3:-:::::: cpe:2.3:a:php:php:5.0.3:rc1:::::: cpe:2.3:a:php:php:5.0.3:rc2:::::: cpe:2.3:a:php:php:5.0.2:-:::::: cpe:2.3:a:php:php:5.0.2:rc1:::::: cpe:2.3:a:php:php:5.0.1:-:::::: cpe:2.3:a:php:php:5.0.1:beta1:::::: cpe:2.3:a:php:php:5.0.1:rc1:::::: cpe:2.3:a:php:php:5.0.1:rc2:::::: cpe:2.3:a:php:php:5.0.0:beta3:::::: cpe:2.3:a:php:php:5.0.0:rc3:::::: cpe:2.3:a:php:php:5.0.0:beta1:::::: cpe:2.3:a:php:php:5.0.0:beta4:::::: cpe:2.3:a:php:php:5.0.0:rc1:::::: cpe:2.3:a:php:php:5.0.0:beta2:::::: cpe:2.3:a:php:php:5.0.0:rc2:::::: cpe:2.3:a:php:php:5.0.0:-:::::: cpe:2.3:a:php:php:5.0:rc1:::::: cpe:2.3:a:php:php:5.0:rc3:::::: cpe:2.3:a:php:php:5.0:rc2:::::: cpe:2.3:a:php:php:5:::::::* cpe:2.3:a:php:php:4.4.9:-:::::: cpe:2.3:a:php:php:4.4.9:rc1:::::: cpe:2.3:a:php:php:4.4.8:-:::::: cpe:2.3:a:php:php:4.4.8:rc1:::::: cpe:2.3:a:php:php:4.4.7:-:::::: cpe:2.3:a:php:php:4.4.7:rc1:::::: cpe:2.3:a:php:php:4.4.6:-:::::: cpe:2.3:a:php:php:4.4.6:rc1:::::: cpe:2.3:a:php:php:4.4.5:-:::::: cpe:2.3:a:php:php:4.4.5:rc1:::::: cpe:2.3:a:php:php:4.4.5:rc2:::::: cpe:2.3:a:php:php:4.4.4:-:::::: cpe:2.3:a:php:php:4.4.4:rc1:::::: cpe:2.3:a:php:php:4.4.3:-:::::: cpe:2.3:a:php:php:4.4.3:rc1:::::: cpe:2.3:a:php:php:4.4.3:rc2:::::: cpe:2.3:a:php:php:4.4.2:-:::::: cpe:2.3:a:php:php:4.4.2:rc1:::::: cpe:2.3:a:php:php:4.4.2:rc2:::::: cpe:2.3:a:php:php:4.4.1:-:::::: cpe:2.3:a:php:php:4.4.1:rc1:::::: cpe:2.3:a:php:php:4.4.0:-:::::: cpe:2.3:a:php:php:4.4.0:rc1:::::: cpe:2.3:a:php:php:4.4.0:rc2:::::: cpe:2.3:a:php:php:4.3.9:::::::* cpe:2.3:a:php:php:4.3.9:rc1:::::: cpe:2.3:a:php:php:4.3.9:rc2:::::: cpe:2.3:a:php:php:4.3.9:rc3:::::: cpe:2.3:a:php:php:4.3.8:::::::* cpe:2.3:a:php:php:4.3.7:-:::::: cpe:2.3:a:php:php:4.3.7:rc1:::::: cpe:2.3:a:php:php:4.3.6:-:::::: cpe:2.3:a:php:php:4.3.6:rc1:::::: cpe:2.3:a:php:php:4.3.6:rc2:::::: cpe:2.3:a:php:php:4.3.6:rc3:::::: cpe:2.3:a:php:php:4.3.5:-:::::: cpe:2.3:a:php:php:4.3.5:rc1:::::: cpe:2.3:a:php:php:4.3.5:rc2:::::: cpe:2.3:a:php:php:4.3.5:rc3:::::: cpe:2.3:a:php:php:4.3.5:rc4:::::: cpe:2.3:a:php:php:4.3.4:-:::::: cpe:2.3:a:php:php:4.3.4:rc1:::::: cpe:2.3:a:php:php:4.3.4:rc2:::::: cpe:2.3:a:php:php:4.3.4:rc3:::::: cpe:2.3:a:php:php:4.3.3:-:::::: cpe:2.3:a:php:php:4.3.3:rc1:::::: cpe:2.3:a:php:php:4.3.3:rc2:::::: cpe:2.3:a:php:php:4.3.3:rc3:::::: cpe:2.3:a:php:php:4.3.3:rc4:::::: cpe:2.3:a:php:php:4.3.2:-:::::: cpe:2.3:a:php:php:4.3.2:rc1:::::: cpe:2.3:a:php:php:4.3.2:rc2:::::: cpe:2.3:a:php:php:4.3.2:rc3:::::: cpe:2.3:a:php:php:4.3.2:rc4:::::: cpe:2.3:a:php:php:4.3.11:-:::::: cpe:2.3:a:php:php:4.3.11:rc1:::::: cpe:2.3:a:php:php:4.3.11:rc2:::::: cpe:2.3:a:php:php:4.3.10:-:::::: cpe:2.3:a:php:php:4.3.10:rc1:::::: cpe:2.3:a:php:php:4.3.10:rc2:::::: cpe:2.3:a:php:php:4.3.1:::::::* cpe:2.3:a:php:php:4.3.0:-:::::: cpe:2.3:a:php:php:4.3.0:alpha1:::::: cpe:2.3:a:php:php:4.3.0:alpha2:::::: cpe:2.3:a:php:php:4.3.0:alpha3:::::: cpe:2.3:a:php:php:4.3.0:dev:::::: cpe:2.3:a:php:php:4.3.0:pre1:::::: cpe:2.3:a:php:php:4.3.0:pre2:::::: cpe:2.3:a:php:php:4.3.0:rc1:::::: cpe:2.3:a:php:php:4.3.0:rc2:::::: cpe:2.3:a:php:php:4.3.0:rc3:::::: cpe:2.3:a:php:php:4.3.0:rc4:::::: cpe:2.3:a:php:php:4.2.3:-:::::: cpe:2.3:a:php:php:4.2.3:rc1:::::: cpe:2.3:a:php:php:4.2.3:rc2:::::: cpe:2.3:a:php:php:4.2.2:::::::* cpe:2.3:a:php:php:4.2.1:-:::::: cpe:2.3:a:php:php:4.2.1:rc1:::::: cpe:2.3:a:php:php:4.2.1:rc2:::::: cpe:2.3:a:php:php:4.2.0:-:::::: cpe:2.3:a:php:php:4.2.0:rc1:::::: cpe:2.3:a:php:php:4.2.0:rc2:::::: cpe:2.3:a:php:php:4.2.0:rc3:::::: cpe:2.3:a:php:php:4.2.0:rc4:::::: cpe:2.3:a:php:php:4.2::dev::::: cpe:2.3:a:php:php:4.1.2:::::::* cpe:2.3:a:php:php:4.1.1:::::::* cpe:2.3:a:php:php:4.1.0:-:::::: cpe:2.3:a:php:php:4.1.0:rc1:::::: cpe:2.3:a:php:php:4.1.0:rc2:::::: cpe:2.3:a:php:php:4.1.0:rc3:::::: cpe:2.3:a:php:php:4.1.0:rc4:::::: cpe:2.3:a:php:php:4.1.0:rc5:::::: cpe:2.3:a:php:php:4.0.7:rc3:::::: cpe:2.3:a:php:php:4.0.7:rc2:::::: cpe:2.3:a:php:php:4.0.7:rc4:::::: cpe:2.3:a:php:php:4.0.7:rc1:::::: cpe:2.3:a:php:php:4.0.7:-:::::: cpe:2.3:a:php:php:4.0.6:-:::::: cpe:2.3:a:php:php:4.0.6:rc1:::::: cpe:2.3:a:php:php:4.0.6:rc2:::::: cpe:2.3:a:php:php:4.0.6:rc3:::::: cpe:2.3:a:php:php:4.0.6:rc4:::::: cpe:2.3:a:php:php:4.0.5:-:::::: cpe:2.3:a:php:php:4.0.5:rc1:::::: cpe:2.3:a:php:php:4.0.5:rc2:::::: cpe:2.3:a:php:php:4.0.5:rc3:::::: cpe:2.3:a:php:php:4.0.5:rc4:::::: cpe:2.3:a:php:php:4.0.5:rc5:::::: cpe:2.3:a:php:php:4.0.5:rc6:::::: cpe:2.3:a:php:php:4.0.5:rc7:::::: cpe:2.3:a:php:php:4.0.5:rc8:::::: cpe:2.3:a:php:php:4.0.4pl1:::::::* cpe:2.3:a:php:php:4.0.4:patch1:::::: cpe:2.3:a:php:php:4.0.4:-:::::: cpe:2.3:a:php:php:4.0.4:rc1:::::: cpe:2.3:a:php:php:4.0.4:rc2:::::: cpe:2.3:a:php:php:4.0.4:rc3:::::: cpe:2.3:a:php:php:4.0.4:rc4:::::: cpe:2.3:a:php:php:4.0.4:rc5:::::: cpe:2.3:a:php:php:4.0.4:rc6:::::: cpe:2.3:a:php:php:4.0.3:::::::* cpe:2.3:a:php:php:4.0.3:patch1:::::: cpe:2.3:a:php:php:4.0.3:rc1:::::: cpe:2.3:a:php:php:4.0.3:rc2:::::: cpe:2.3:a:php:php:4.0.2:::::::* cpe:2.3:a:php:php:4.0.2:rc1:::::: cpe:2.3:a:php:php:4.0.1:patch2:::::: cpe:2.3:a:php:php:4.0.1:patch1:::::: cpe:2.3:a:php:php:4.0.1:-:::::: cpe:2.3:a:php:php:4.0.1:rc:::::: cpe:2.3:a:php:php:4.0.1:rc2:::::: cpe:2.3:a:php:php:4.0.0:::::::* cpe:2.3:a:php:php:4.0:beta1:::::: cpe:2.3:a:php:php:4.0:beta2:::::: cpe:2.3:a:php:php:4.0:beta3:::::: cpe:2.3:a:php:php:4.0:beta4:::::: cpe:2.3:a:php:php:4.0:beta_4_patch1:::::: cpe:2.3:a:php:php:4.0:rc1:::::: cpe:2.3:a:php:php:4.0:rc2:::::: cpe:2.3:a:php:php:4.0:-:::::: cpe:2.3:a:php:php:4:::::::* cpe:2.3:a:php:php:3.0.9:::::::* cpe:2.3:a:php:php:3.0.8:::::::* cpe:2.3:a:php:php:3.0.7:::::::* cpe:2.3:a:php:php:3.0.6:::::::* cpe:2.3:a:php:php:3.0.5:::::::* cpe:2.3:a:php:php:3.0.4:::::::* cpe:2.3:a:php:php:3.0.3:::::::* cpe:2.3:a:php:php:3.0.2:::::::* cpe:2.3:a:php:php:3.0.18:::::::* cpe:2.3:a:php:php:3.0.17:::::::* cpe:2.3:a:php:php:3.0.16:::::::* cpe:2.3:a:php:php:3.0.15:::::::* cpe:2.3:a:php:php:3.0.14:::::::* cpe:2.3:a:php:php:3.0.13:::::::* cpe:2.3:a:php:php:3.0.12:::::::* cpe:2.3:a:php:php:3.0.11:::::::* cpe:2.3:a:php:php:3.0.10:::::::* cpe:2.3:a:php:php:3.0.1:::::::* cpe:2.3:a:php:php:3.0:::::::* cpe:2.3:a:php:php:2.0b10:::::::* cpe:2.3:a:php:php:2.0.2:::::::* cpe:2.3:a:php:php:2.0.1:::::::* cpe:2.3:a:php:php:2.0.0:-:::::: cpe:2.3:a:php:php:2.0.0:alpha1:::::: cpe:2.3:a:php:php:2.0.0:alpha2:::::: cpe:2.3:a:php:php:2.0.0:beta1:::::: cpe:2.3:a:php:php:2.0.0:rc1:::::: cpe:2.3:a:php:php:2.0:::::::* cpe:2.3:a:php:php:1.5:::::::* cpe:2.3:a:php:php:1.4:::::::* cpe:2.3:a:php:php:1.3.5:::::::* cpe:2.3:a:php:php:1.3.1:::::::* cpe:2.3:a:php:php:1.3:-:::::: cpe:2.3:a:php:php:1.3:beta2:::::: cpe:2.3:a:php:php:1.3:beta3:::::: cpe:2.3:a:php:php:1.3:beta6:::::: cpe:2.3:a:php:php:1.2.5:::::::* cpe:2.3:a:php:php:1.2.4:::::::* cpe:2.3:a:php:php:1.2.3:::::::* cpe:2.3:a:php:php:1.2.2:::::::* cpe:2.3:a:php:php:1.2.1:::::::* cpe:2.3:a:php:php:1.2.0:::::::* cpe:2.3:a:php:php:1.2:::::::* cpe:2.3:a:php:php:1.1.1:::::::* cpe:2.3:a:php:php:1.1.0:::::::* cpe:2.3:a:php:php:1.1:::::::* cpe:2.3:a:php:php:1.0.4:::::::* cpe:2.3:a:php:php:1.0.3:::::::* cpe:2.3:a:php:php:1.0.2:::::::* cpe:2.3:a:php:php:1.0.1:::::::* cpe:2.3:a:php:php:1.0.0:-:::::: cpe:2.3:a:php:php:1.0.0:rc1:::::: cpe:2.3:a:php:php:1.0:beta1:::::: cpe:2.3:a:php:php:1.0:beta2:::::: cpe:2.3:a:php:php:1.0:beta3:::::: cpe:2.3:a:php:php:1.0:rc1:::::: cpe:2.3:a:php:php:1.0:rc2:::::: cpe:2.3:a:php:php:0.91:::::::* cpe:2.3:a:php:php:0.90:::::::* cpe:2.3:a:php:php:0.9.4:::::::* cpe:2.3:a:php:php:0.9.3:::::::* cpe:2.3:a:php:php:0.9.2:::::::* cpe:2.3:a:php:php:0.9.1:::::::* cpe:2.3:a:php:php:0.9.0:::::::* cpe:2.3:a:php:php:0.9:::::::* cpe:2.3:a:php:php:0.7:::::::* cpe:2.3:a:php:php:0.6:::::::* cpe:2.3:a:php:php:0.5.3:::::::* cpe:2.3:a:php:php:0.5.2:::::::* cpe:2.3:a:php:php:0.5:::::::* cpe:2.3:a:php:php:0.4:::::::* cpe:2.3:a:php:php:0.3:::::::* cpe:2.3:a:php:php:0.2.4:::::::* cpe:2.3:a:php:php:0.2.3:::::::* cpe:2.3:a:php:php:0.2.2:::::::* cpe:2.3:a:php:php:0.2.1:::::::* cpe:2.3:a:php:php:0.2.0:::::::* cpe:2.3:a:php:php:0.2:::::::* cpe:2.3:a:php:php:0.11:::::::* cpe:2.3:a:php:php:0.10:::::::* cpe:2.3:a:php:php:0.1.1:::::::* cpe:2.3:a:php:php:0.1:::::::* cpe:2.3:a:php:php:::::::: cpe:2.3:a:php:php:-:::::::*	473
Os	Canonical Ubuntu Linux cpe:2.3:o:canonical:ubuntu_linux:13.04:::::::* cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:::::* cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:::::*	4
Os	Redhat Enterprise Linux cpe:2.3:o:redhat:enterprise_linux:5:::::::*	1

Information Assurance Vulnerability Management (IAVM)

Date	Description
2014-02-27	IAVM : 2014-A-0030 - Apple Mac OS X Security Update 2014-001 Severity : Category I - VMSKEY : V0044547
2013-08-22	IAVM : 2013-B-0093 - Multiple Vulnerabilities in PHP Severity : Category I - VMSKEY : V0040108

Nessus® Vulnerability Scanner

Date	Description
2015-05-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-0064-1.nasl - Type : ACT_GATHER_INFO
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_php_20140522.nasl - Type : ACT_GATHER_INFO
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_php_20140401.nasl - Type : ACT_GATHER_INFO
2014-11-12	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1615.nasl - Type : ACT_GATHER_INFO
2014-11-12	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1307.nasl - Type : ACT_GATHER_INFO
2014-08-30	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201408-11.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-1032.nasl - Type : ACT_GATHER_INFO
2014-02-25	Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2014-001.nasl - Type : ACT_GATHER_INFO
2014-02-25	Name : The remote host is missing a Mac OS X update that fixes a certificate validat... File : macosx_10_9_2.nasl - Type : ACT_GATHER_INFO
2014-01-27	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-024.nasl - Type : ACT_GATHER_INFO
2014-01-22	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-014.nasl - Type : ACT_GATHER_INFO
2014-01-15	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php53-131218.nasl - Type : ACT_GATHER_INFO
2014-01-15	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-131220.nasl - Type : ACT_GATHER_INFO
2013-12-04	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131121_php_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-11-27	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1615.nasl - Type : ACT_GATHER_INFO
2013-11-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1615.nasl - Type : ACT_GATHER_INFO
2013-10-11	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130930_php53_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-10-03	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1307.nasl - Type : ACT_GATHER_INFO
2013-10-01	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1307.nasl - Type : ACT_GATHER_INFO
2013-10-01	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-224.nasl - Type : ACT_GATHER_INFO
2013-09-09	Name : The remote Fedora host is missing a security update. File : fedora_2013-14985.nasl - Type : ACT_GATHER_INFO
2013-09-06	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1937-1.nasl - Type : ACT_GATHER_INFO
2013-09-02	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2013-242-02.nasl - Type : ACT_GATHER_INFO
2013-08-28	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-221.nasl - Type : ACT_GATHER_INFO
2013-08-27	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2742.nasl - Type : ACT_GATHER_INFO
2013-08-25	Name : The remote Fedora host is missing a security update. File : fedora_2013-14998.nasl - Type : ACT_GATHER_INFO
2013-08-21	Name : The remote web server uses a version of PHP that is potentially affected by m... File : php_5_5_2.nasl - Type : ACT_GATHER_INFO
2013-08-21	Name : The remote web server uses a version of PHP that is potentially affected by m... File : php_5_4_18.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=2874696a5a8d46639d261571f915...
http://lists.opensuse.org/opensuse-updates/2013-12/msg00125.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00126.html
http://marc.info/?l=bugtraq&m=141390017113542&w=2
http://rhn.redhat.com/errata/RHSA-2013-1307.html
http://rhn.redhat.com/errata/RHSA-2013-1615.html
http://secunia.com/advisories/54478
http://secunia.com/advisories/54657
http://secunia.com/advisories/55078
http://secunia.com/advisories/59652
http://support.apple.com/kb/HT6150
http://www.debian.org/security/2013/dsa-2742
http://www.php.net/ChangeLog-5.php
http://www.securityfocus.com/bid/61776
http://www.securitytracker.com/id/1028924
http://www.ubuntu.com/usn/USN-1937-1

Source	Url

Alert History

If you want to see full details history, please login or register.

Date	Informations
2024-11-28 12:36:14	Multiple Updates
2024-08-02 12:24:47	Multiple Updates
2024-08-02 01:07:25	Multiple Updates
2024-02-02 01:24:05	Multiple Updates
2024-02-01 12:07:11	Multiple Updates
2023-11-07 21:46:00	Multiple Updates
2023-09-05 12:22:45	Multiple Updates
2023-09-05 01:07:05	Multiple Updates
2023-09-02 12:22:47	Multiple Updates
2023-09-02 01:07:10	Multiple Updates
2023-08-22 12:20:31	Multiple Updates
2023-03-28 12:07:08	Multiple Updates
2022-10-11 01:06:51	Multiple Updates
2021-05-04 12:27:10	Multiple Updates
2021-04-22 01:32:53	Multiple Updates
2020-05-24 01:12:00	Multiple Updates
2020-05-23 00:37:56	Multiple Updates
2019-06-08 12:05:33	Multiple Updates
2018-10-03 12:03:41	Multiple Updates
2018-03-13 12:04:58	Multiple Updates
2016-11-29 00:24:49	Multiple Updates
2016-10-05 01:01:09	Multiple Updates
2016-06-28 19:38:52	Multiple Updates
2016-04-26 23:31:33	Multiple Updates
2015-11-20 21:25:08	Multiple Updates
2015-05-21 13:30:45	Multiple Updates
2015-01-21 13:26:20	Multiple Updates
2014-12-03 09:26:38	Multiple Updates
2014-11-13 13:26:53	Multiple Updates
2014-08-31 13:24:56	Multiple Updates
2014-07-17 09:21:38	Multiple Updates
2014-06-14 13:36:01	Multiple Updates
2014-03-06 13:22:39	Multiple Updates
2014-02-28 17:19:12	Multiple Updates
2014-02-26 13:21:13	Multiple Updates
2014-02-17 11:21:52	Multiple Updates
2014-01-24 13:19:21	Multiple Updates
2014-01-14 13:20:34	Multiple Updates
2014-01-04 13:19:32	Multiple Updates
2013-11-11 12:40:43	Multiple Updates
2013-10-23 21:19:59	Multiple Updates
2013-10-11 13:27:04	Multiple Updates
2013-09-12 13:20:48	Multiple Updates
2013-09-11 13:20:53	Multiple Updates
2013-08-30 17:22:47	Multiple Updates
2013-08-20 17:22:58	First insertion

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	12
CPE ID(s)	478
Sources(s)	16
IAVM(s)	2
Nessus® Exploit(s)	28

	Related
10	RHSA-2013:1307
7.5	MDVSA-2014:014
7.5	GLSA-201408-11
6.8	MDVSA-2013:221
5.8	HPSBUX03150 SSR...
5	RHSA-2013:1615
4.3	USN-1937-1
4.3	DSA-2742
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 8 more Alert(s)

4.3 - CVE-2013-4248

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

Information Assurance Vulnerability Management (IAVM)

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU