CVE-2013-4635
PHP < 5.3.26 and 5.4.x < 5.4.16 - Denial of Service via SdnToJewish Integer Overflow
Title source: llmDescription
Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service (application hang) via a large argument to the jdtojewish function.
References (9)
Core 9
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1028699
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/54104
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00007.html
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1905-1
Vendor Advisory x_refsource_confirm
http://www.php.net/ChangeLog-5.php
Third Party Advisory mailing-list
x_refsource_vim
http://www.attrition.org/pipermail/vim/2013-June/002697.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00034.html
Various Sources x_refsource_confirm
https://bugs.php.net/bug.php?id=64895
Scores
EPSS
0.1306
EPSS Percentile
94.2%
Details
CWE
CWE-189
Status
published
Products (46)
php/php
1.0
php/php
2.0
php/php
2.0b10
php/php
3.0
php/php
3.0.1
php/php
3.0.2
php/php
3.0.3
php/php
3.0.4
php/php
3.0.5
php/php
3.0.6
... and 36 more
Published
Jun 21, 2013
Tracked Since
Feb 18, 2026