7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.018 Low
EPSS
Percentile
88.1%
PHP versions 5.4.x earlier than 5.4.12 are affected by the following vulnerabilities :
An error exists in the file ‘ext/soap/soap.c’ related to the ‘soap.wsdl_cache_dir’ configuration directive and writing cache files that could allow remote ‘wsdl’ files to be written to arbitrary locations. (CVE-2013-1635)
An error exists in the file ‘ext/soap/php_xml.c’ related to parsing SOAP ‘wsdl’ files and external entities that could cause PHP to parse remote XML documents defined by an attacker. This could allow access to arbitrary files. (CVE-2013-1643)
Binary data 6708.prm