Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability - CVE-2013-6420 - Vulnerability Database
PHP

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability - CVE-2013-6420

High
Reference: CVE-2013-6420
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2013-6420
Title: PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
Overview:

The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28 5.4.x before 5.4.23 and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function.