CVE-2013-6420
PHP < 5.3.28, 5.4.x < 5.4.23, 5.5.x < 5.5.7 - Remote Code Execution via X.509 Certificate Timestamp Parsing
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2013-6420. PoCs published by Stefan Esser.
AI-analyzed exploit summary The advisory describes a memory corruption vulnerability in PHP's openssl_x509_parse() function, which can be exploited via malicious x509 certificates containing NUL bytes in timestamp fields. The vulnerability can lead to arbitrary code execution under specific conditions.
Description
The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function.
Exploits (1)
The advisory describes a memory corruption vulnerability in PHP's openssl_x509_parse() function, which can be exploited via malicious x509 certificates containing NUL bytes in timestamp fields. The vulnerability can lead to arbitrary code execution under specific conditions.