Количество 12
Количество 12
BDU:2022-02632
Уязвимость функции openssl_x509_parse модуля OpenSSL интерпретатора языка программирования PHP, позволяющая нарушителю выполнить произвольный код в сценарии «человек посередине» (MITM, Man-In-The-Middle)
CVE-2013-4248
The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
CVE-2013-4248
The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
CVE-2013-4248
The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
CVE-2013-4248
The openssl_x509_parse function in openssl.c in the OpenSSL module in ...
GHSA-hhfm-3287-cc2v
The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
ELSA-2013-1615
ELSA-2013-1615: php security, bug fix, and enhancement update (MODERATE)
ELSA-2013-1307
ELSA-2013-1307: php53 security, bug fix and enhancement update (MODERATE)
SUSE-SU-2015:1265-1
Security update for php53
SUSE-SU-2015:1018-1
Security update for php53
SUSE-SU-2015:0436-1
Security update for php53
SUSE-SU-2015:0370-1
Security update for php53
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2022-02632 Уязвимость функции openssl_x509_parse модуля OpenSSL интерпретатора языка программирования PHP, позволяющая нарушителю выполнить произвольный код в сценарии «человек посередине» (MITM, Man-In-The-Middle) | CVSS3: 3.7 | 10% Низкий | почти 12 лет назад |
 | CVE-2013-4248 The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. | CVSS2: 4.3 | 10% Низкий | почти 12 лет назад |
 | CVE-2013-4248 The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. | CVSS2: 4.3 | 10% Низкий | почти 12 лет назад |
 | CVE-2013-4248 The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. | CVSS2: 4.3 | 10% Низкий | почти 12 лет назад |
| CVE-2013-4248 The openssl_x509_parse function in openssl.c in the OpenSSL module in ... | CVSS2: 4.3 | 10% Низкий | почти 12 лет назад |
| GHSA-hhfm-3287-cc2v The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. | 10% Низкий | около 3 лет назад | |
| ELSA-2013-1615 ELSA-2013-1615: php security, bug fix, and enhancement update (MODERATE) | больше 11 лет назад | ||
| ELSA-2013-1307 ELSA-2013-1307: php53 security, bug fix and enhancement update (MODERATE) | больше 11 лет назад | ||
 | SUSE-SU-2015:1265-1 Security update for php53 | больше 10 лет назад | ||
| SUSE-SU-2015:1018-1 Security update for php53 | больше 10 лет назад | ||
| SUSE-SU-2015:0436-1 Security update for php53 | больше 10 лет назад | ||
| SUSE-SU-2015:0370-1 Security update for php53 | больше 10 лет назад |
Уязвимостей на страницу