Summary
This host is running PHP and is prone to heap based buffer overflow vulnerability.
Impact
Successful exploitation will allow attackers to cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.
Solution
Upgrade to PHP version 5.3.27 or later,
For updates refer to http://php.net/
Insight
The flaw is triggered as user-supplied input is not properly validated when handling malformed XML input.
Affected
PHP version prior to 5.3.27
Detection
Get the installed version of PHP with the help of detect NVT and check it is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2013-4113 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apple Safari Secure Cookie Security Bypass Vulnerability (Windows)
- Apple Safari JavaScript Implementation Information Disclosure Vulnerability (Windows)
- Avant Browser Address Bar Spoofing Vulnerability
- CA Gateway Security Remote Code Execution Vulnerability
- Adobe LiveCycle Designer Untrusted Search Path Vulnerability (Windows)