Unrated severityNVD Advisory· Published Jul 13, 2013· Updated Jun 16, 2026
CVE-2013-4113
CVE-2013-4113
Description
ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- osv-coords3 versionspkg:rpm/opensuse/php5&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/php7&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/php8&distro=openSUSE%20Tumbleweed
< 5.6.28-1.1+ 2 more
- (no CPE)range: < 5.6.28-1.1
- (no CPE)range: < 7.0.14-1.4
- (no CPE)range: < 8.0.11-1.1
Patches
Vulnerability mechanics
References
20- lists.opensuse.org/opensuse-security-announce/2013-07/msg00034.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2013-08/msg00007.htmlnvdMailing ListThird Party Advisory
- php.net/ChangeLog-5.phpnvdVendor Advisory
- php.net/archive/2013.phpnvdVendor Advisory
- rhn.redhat.com/errata/RHSA-2013-1049.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2013-1050.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2013-1061.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2013-1062.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2013-1063.htmlnvdThird Party Advisory
- secunia.com/advisories/54071nvdThird Party Advisory
- secunia.com/advisories/54104nvdThird Party Advisory
- secunia.com/advisories/54163nvdThird Party Advisory
- secunia.com/advisories/54165nvdThird Party Advisory
- support.apple.com/kb/HT6150nvdThird Party Advisory
- www.debian.org/security/2013/dsa-2723nvdThird Party Advisory
- www.ubuntu.com/usn/USN-1905-1nvdThird Party Advisory
- bugs.php.net/bug.phpnvdVendor Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue Tracking
- git.php.netnvd
News mentions
0No linked articles in our index yet.