FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

PHP5 -- Integer overflow in Calendar module

Affected packages
5.4.0 <= php5 < 5.4.16
php53 < 5.3.26

Details

VuXML ID 5def3175-f3f9-4476-ba40-b46627cc638c
Discovery 2013-05-22
Entry 2013-07-16

The PHP development team reports:

Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service (application hang) via a large argument to the jdtojewish function.

References

CVE Name CVE-2013-4635
URL https://bugs.php.net/bug.php?id=64895