FKIE_CVE-2013-3735

Vulnerability from fkie_nvd - Published: 2013-05-31 21:55 - Updated: 2026-04-29 01:13
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, which allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted function definition, as demonstrated by an attack within a shared web-hosting environment. NOTE: the vendor's http://php.net/security-note.php page says "for critical security situations you should be using OS-level security by running multiple web servers each as their own user id.
References
cve@mitre.orghttps://bugs.php.net/bug.php?id=64660
cve@mitre.orghttps://github.com/php/php-src/blob/php-5.4.16RC1/NEWS
cve@mitre.orghttps://github.com/php/php-src/blob/php-5.5.0RC2/NEWS
cve@mitre.orghttps://github.com/php/php-src/commit/fb58e69a84f4fde603a630d2c9df2fa3be16d846Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108https://bugs.php.net/bug.php?id=64660
af854a3a-2127-422b-91ae-364da2661108https://github.com/php/php-src/blob/php-5.4.16RC1/NEWS
af854a3a-2127-422b-91ae-364da2661108https://github.com/php/php-src/blob/php-5.5.0RC2/NEWS
af854a3a-2127-422b-91ae-364da2661108https://github.com/php/php-src/commit/fb58e69a84f4fde603a630d2c9df2fa3be16d846Exploit, Patch
Impacted products
Vendor Product Version
php php *
php php 5.4.0
php php 5.4.1
php php 5.4.2
php php 5.4.3
php php 5.4.4
php php 5.4.5
php php 5.4.6
php php 5.4.7
php php 5.4.8
php php 5.4.9
php php 5.4.10
php php 5.4.11
php php 5.4.12
php php 5.4.12
php php 5.4.12
php php 5.4.13
php php 5.4.13
php php 5.4.14
php php 5.4.14
php php *
php php 5.5.0
php php 5.5.0
php php 5.5.0
php php 5.5.0
php php 5.5.0
php php 5.5.0
php php 5.5.0
php php 5.5.0
php php 5.5.0
php php 5.5.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:php:php:*:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "E16F8866-A969-4C31-A5FF-32D4DEE24C91",
              "versionEndIncluding": "5.4.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7B9B8D2-78B7-4B17-955B-741C7A6F6634",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CA2A940-BD69-4D35-AF12-432CB929248B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "29BD13F9-86C8-44C4-A860-9A87870A518E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B361FDE-9F6A-4E9A-96F1-619DC56EECB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DBD9E7B-1237-47A8-8A07-5CC5246A9C5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F2BB41E-2096-4291-B0ED-06825FDFE8BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "52BA94F7-1AF9-415C-AC21-30BC25C74C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0A739A0-698A-422B-886B-430A79F6E945",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "086E0D24-A43E-4CEA-9FB0-FE193B88CC31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC8D0963-8CA5-4814-9B6D-4E1C3907737B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "77A4B7E0-C872-4E53-AD72-1BB2755E4FDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "EECCD553-53D5-485E-8C21-E2A5070833B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "95357C79-A754-4E0C-B65B-0FA241962B12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "25EAF9A9-F7A1-4AC7-BCFD-769BE0FDB537",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "74EA8037-7C22-48B3-9FA2-4BFFFFD513D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8D1254E-0C72-4958-BA7F-5B818C3ACB15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "92994FFC-F362-48AC-9CA8-8EBCAC880C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "21131DF1-1EE5-4C84-B1E0-FA75BC39B344",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "0B23F85D-465B-4176-9798-E78AADE421EC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:php:php:*:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "F3004D4C-C790-4422-9FF8-9F7C5ADA808C",
              "versionEndIncluding": "5.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*",
              "matchCriteriaId": "3D25E591-448C-4E3B-8557-6E48F7571796",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*",
              "matchCriteriaId": "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*",
              "matchCriteriaId": "3AF783C9-26E7-4E02-BD41-77B9783667E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*",
              "matchCriteriaId": "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*",
              "matchCriteriaId": "7AEDF6F7-001D-4A35-A26F-417991AD377F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*",
              "matchCriteriaId": "4031DB99-B4B4-41EC-B3C1-543D92C575A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "D5450EA7-A398-49D2-AA8E-7C95B074BAB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "BB8E09D8-9CBE-4279-88B7-24A214A5A537",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*",
              "matchCriteriaId": "2D41ECCE-887D-49A2-9BB3-B559495AC55B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [
    {
      "sourceIdentifier": "cve@mitre.org",
      "tags": [
        "disputed"
      ]
    }
  ],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, which allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted function definition, as demonstrated by an attack within a shared web-hosting environment.  NOTE: the vendor\u0027s http://php.net/security-note.php page says \"for critical security situations you should be using OS-level security by running multiple web servers each as their own user id."
    },
    {
      "lang": "es",
      "value": "** EN DISPUTA ** El Zend Engine en PHP anterior a v5.4.16 RC1, y v5.5.0 anterior a RC2, no determina de forma precisa si ocurre un error del analizador sint\u00e1ctica, lo que permite a atacantes dependiendo del contexto provocar una denegaci\u00f3n de servicio (consumo de memoria y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de una definici\u00f3n de una funci\u00f3n manipulada, como se demostr\u00f3 por un ataque en un entorno de alojamiento Web. NOTA: la p\u00e1gina http://php.net/security-note.php del distribuidor dice \"para situaciones cr\u00edticas de seguridad deber\u00eda usar seguridad a nivel de sistema operativo\" ejecutando m\u00faltipls servidores, cada uno con su propia ID.\""
    }
  ],
  "id": "CVE-2013-3735",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2013-05-31T21:55:01.230",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "https://bugs.php.net/bug.php?id=64660"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://github.com/php/php-src/blob/php-5.4.16RC1/NEWS"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://github.com/php/php-src/blob/php-5.5.0RC2/NEWS"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "https://github.com/php/php-src/commit/fb58e69a84f4fde603a630d2c9df2fa3be16d846"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugs.php.net/bug.php?id=64660"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/php/php-src/blob/php-5.4.16RC1/NEWS"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/php/php-src/blob/php-5.5.0RC2/NEWS"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "https://github.com/php/php-src/commit/fb58e69a84f4fde603a630d2c9df2fa3be16d846"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.