Vulnerability & Exploit Database

Displaying entries 1 - 10 of 32 in total

Results for: CVE-2013-1826 Back to search

Alpine Linux: CVE-2013-0157: Multiple vulnerabilities in util-linux allows information disclosure Vulnerability

  • Severity: 2
  • Published: January 21, 2014

(a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably other versions allow local users to determine the existence of restricted directories by (1) using the --guess-fstype command-line option or (2) attempting to mount a non-existent device, which generates different error messages depending on whether the directory exists....

PHP Vulnerability: CVE-2013-6420 Vulnerability

  • Severity: 8
  • Published: December 16, 2013

The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certifi...

Oracle Solaris 11: CVE-2013-6420: Vulnerability in PHP Vulnerability

  • Severity: 8
  • Published: December 16, 2013

The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certifi...

Gentoo Linux: CVE-2013-6420: PHP: Multiple vulnerabilities Vulnerability

  • Severity: 8
  • Published: December 16, 2013

The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certifi...

OS X update for PHP (CVE-2013-6420) Vulnerability

  • Severity: 8
  • Published: December 16, 2013

The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certifi...

OS X update for Apache (CVE-2013-6420) Vulnerability

  • Severity: 8
  • Published: December 16, 2013

The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certifi...

Alpine Linux: CVE-2013-6420: php CVE-2013-6420 - memory corruption in openssl_x509_parse Vulnerability

  • Severity: 8
  • Published: December 16, 2013

The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certifi...

RHSA-2013:1826: php security update Vulnerability

  • Severity: 8
  • Published: December 12, 2013

PHP is an HTML-embedded scripting language commonly used with the ApacheHTTP Server.A memory corruption flaw was found in the way the openssl_x509_parse()function of the PHP openssl extension parsed X.509 certificates. A remoteattacker could use this flaw to provide a malicious self-signed certificateor a certificate signed by a trusted ...

USN-1826-1: Linux kernel vulnerability Vulnerability

  • Severity: 7
  • Published: May 14, 2013

The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.