VYPR
Unrated severityNVD Advisory· Published Jul 31, 2013· Updated Jun 16, 2026

CVE-2013-2220

CVE-2013-2220

Description

Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • cpe:2.3:a:radius_extension_project:radius:*:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:radius_extension_project:radius:*:*:*:*:*:*:*:*range: <=1.2.6
    • cpe:2.3:a:radius_extension_project:radius:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:radius_extension_project:radius:1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:radius_extension_project:radius:1.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:radius_extension_project:radius:1.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:radius_extension_project:radius:1.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:radius_extension_project:radius:1.2.5:*:*:*:*:*:*:*
  • PHP/radiusllm-create
    Range: <1.2.7

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.