Unrated severityNVD Advisory· Published Jul 31, 2013· Updated Jun 16, 2026
CVE-2013-2220
CVE-2013-2220
Description
Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:radius_extension_project:radius:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:radius_extension_project:radius:*:*:*:*:*:*:*:*range: <=1.2.6
- cpe:2.3:a:radius_extension_project:radius:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:radius_extension_project:radius:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:radius_extension_project:radius:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:radius_extension_project:radius:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:radius_extension_project:radius:1.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:radius_extension_project:radius:1.2.5:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.