MGASA-2013-0379

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2013-6420 CVE-2013-6712

Published: 19 Dec 2013, 21:08

Last modified:16 Apr 2026, 06:23

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

19 Dec 2013, 21:08

Published

Vulnerability first disclosed

16 Apr 2026, 06:23

Last Modified

Vulnerability information updated

Description

Updated php packages fix multiple security vulnerabilities Updated php packages fix security vulnerabilities: Stefan Esser discovered that PHP incorrectly parsed certificates. An attacker could use a malformed certificate to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2013-6420). It was discovered that PHP incorrectly handled DateInterval objects. An attacker could use this issue to cause PHP to crash, resulting in a denial of service (CVE-2013-6712).

Affected Systems

mageia•php
< 5.4.23-1.mga3
mageia•php-apc
< 3.1.14-7.5.mga3
mageia•php-gd-bundled
< 5.4.23-1.mga3

MGASA-2013-0379

Vulnerability Summary

Timeline

Description

Affected Systems

References (4)