Описание
ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct function.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 5.5.0+dfsg-15ubuntu1 |
| lucid | released | 5.3.2-1ubuntu4.20 |
| precise | released | 5.3.10-1ubuntu3.7 |
| quantal | released | 5.4.6-1ubuntu1.3 |
| raring | released | 5.4.9-4ubuntu2.2 |
| upstream | released | 5.3.27 |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct function.
ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct function.
ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing ...
ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct function.
EPSS
6.8 Medium
CVSS2