5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.055 Low
EPSS
Percentile
93.2%
Issue Overview:
Heap-based buffer overflow in the php_quot_print_encode function in ext/standard/quot_print.c in PHP before 5.3.26 and 5.4.x before 5.4.16 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted argument to the quoted_printable_encode function.
Affected Packages:
php
Issue Correction:
Run yum update php to update your system.
New Packages:
i686:
php-mcrypt-5.3.26-1.0.amzn1.i686
php-soap-5.3.26-1.0.amzn1.i686
php-tidy-5.3.26-1.0.amzn1.i686
php-snmp-5.3.26-1.0.amzn1.i686
php-dba-5.3.26-1.0.amzn1.i686
php-mbstring-5.3.26-1.0.amzn1.i686
php-intl-5.3.26-1.0.amzn1.i686
php-xmlrpc-5.3.26-1.0.amzn1.i686
php-5.3.26-1.0.amzn1.i686
php-devel-5.3.26-1.0.amzn1.i686
php-bcmath-5.3.26-1.0.amzn1.i686
php-fpm-5.3.26-1.0.amzn1.i686
php-ldap-5.3.26-1.0.amzn1.i686
php-mysqlnd-5.3.26-1.0.amzn1.i686
php-embedded-5.3.26-1.0.amzn1.i686
php-enchant-5.3.26-1.0.amzn1.i686
php-mssql-5.3.26-1.0.amzn1.i686
php-common-5.3.26-1.0.amzn1.i686
php-mysql-5.3.26-1.0.amzn1.i686
php-debuginfo-5.3.26-1.0.amzn1.i686
php-cli-5.3.26-1.0.amzn1.i686
php-imap-5.3.26-1.0.amzn1.i686
php-pspell-5.3.26-1.0.amzn1.i686
php-pdo-5.3.26-1.0.amzn1.i686
php-xml-5.3.26-1.0.amzn1.i686
php-pgsql-5.3.26-1.0.amzn1.i686
php-recode-5.3.26-1.0.amzn1.i686
php-gd-5.3.26-1.0.amzn1.i686
php-odbc-5.3.26-1.0.amzn1.i686
php-process-5.3.26-1.0.amzn1.i686
src:
php-5.3.26-1.0.amzn1.src
x86_64:
php-xml-5.3.26-1.0.amzn1.x86_64
php-mssql-5.3.26-1.0.amzn1.x86_64
php-mysql-5.3.26-1.0.amzn1.x86_64
php-imap-5.3.26-1.0.amzn1.x86_64
php-mysqlnd-5.3.26-1.0.amzn1.x86_64
php-common-5.3.26-1.0.amzn1.x86_64
php-snmp-5.3.26-1.0.amzn1.x86_64
php-bcmath-5.3.26-1.0.amzn1.x86_64
php-gd-5.3.26-1.0.amzn1.x86_64
php-debuginfo-5.3.26-1.0.amzn1.x86_64
php-devel-5.3.26-1.0.amzn1.x86_64
php-recode-5.3.26-1.0.amzn1.x86_64
php-dba-5.3.26-1.0.amzn1.x86_64
php-mbstring-5.3.26-1.0.amzn1.x86_64
php-process-5.3.26-1.0.amzn1.x86_64
php-xmlrpc-5.3.26-1.0.amzn1.x86_64
php-cli-5.3.26-1.0.amzn1.x86_64
php-ldap-5.3.26-1.0.amzn1.x86_64
php-tidy-5.3.26-1.0.amzn1.x86_64
php-enchant-5.3.26-1.0.amzn1.x86_64
php-5.3.26-1.0.amzn1.x86_64
php-odbc-5.3.26-1.0.amzn1.x86_64
php-mcrypt-5.3.26-1.0.amzn1.x86_64
php-pgsql-5.3.26-1.0.amzn1.x86_64
php-soap-5.3.26-1.0.amzn1.x86_64
php-embedded-5.3.26-1.0.amzn1.x86_64
php-pspell-5.3.26-1.0.amzn1.x86_64
php-pdo-5.3.26-1.0.amzn1.x86_64
php-fpm-5.3.26-1.0.amzn1.x86_64
php-intl-5.3.26-1.0.amzn1.x86_64
Red Hat: CVE-2013-2110
Mitre: CVE-2013-2110
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Amazon Linux | 1 | i686 | php-mcrypt | < 5.3.26-1.0.amzn1 | php-mcrypt-5.3.26-1.0.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | php-soap | < 5.3.26-1.0.amzn1 | php-soap-5.3.26-1.0.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | php-tidy | < 5.3.26-1.0.amzn1 | php-tidy-5.3.26-1.0.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | php-snmp | < 5.3.26-1.0.amzn1 | php-snmp-5.3.26-1.0.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | php-dba | < 5.3.26-1.0.amzn1 | php-dba-5.3.26-1.0.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | php-mbstring | < 5.3.26-1.0.amzn1 | php-mbstring-5.3.26-1.0.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | php-intl | < 5.3.26-1.0.amzn1 | php-intl-5.3.26-1.0.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | php-xmlrpc | < 5.3.26-1.0.amzn1 | php-xmlrpc-5.3.26-1.0.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | php | < 5.3.26-1.0.amzn1 | php-5.3.26-1.0.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | php-devel | < 5.3.26-1.0.amzn1 | php-devel-5.3.26-1.0.amzn1.i686.rpm |