Уязвимость CVE-2013-6420

Релиз	Статус	Примечание
devel	released	5.5.6+dfsg-1ubuntu1
lucid	released	5.3.2-1ubuntu4.22
precise	released	5.3.10-1ubuntu3.9
quantal	released	5.4.6-1ubuntu1.5
raring	released	5.4.9-4ubuntu2.4
saucy	released	5.5.3+dfsg-1ubuntu2.1
upstream	needs-triage

CVE-2013-6420

redhat

почти 12 лет назад

The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function.

CVE-2013-6420

nvd

почти 12 лет назад

The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function.

CVE-2013-6420

debian

почти 12 лет назад

The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP befor ...

GHSA-m6pq-hhvx-694c

github

больше 3 лет назад

The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function.

ELSA-2013-1813

oracle-oval

почти 12 лет назад

ELSA-2013-1813: php53 and php security update (CRITICAL)

exploitDog

CVE-2013-6420

Описание

Ссылки на источники

Связанные уязвимости

CVE-2013-6420

Описание

Пакет php5

Ссылки на источники

Связанные уязвимости