{ "threat_severity" : "Moderate", "public_date" : "2013-08-13T00:00:00Z", "bugzilla" : { "description" : "php: hostname check bypassing vulnerability in SSL client", "id" : "997097", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=997097" }, "cvss" : { "cvss_base_score" : "4.3", "cvss_scoring_vector" : "AV:N/AC:M/Au:N/C:N/I:P/A:N", "status" : "verified" }, "details" : [ "The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408." ], "statement" : "This issue does not affect the version of php as shipped with Red Hat Enterprise Linux 5 or the version of php54 as shipped with Red Hat Software Collections 1.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 5", "release_date" : "2013-09-30T00:00:00Z", "advisory" : "RHSA-2013:1307", "cpe" : "cpe:/o:redhat:enterprise_linux:5", "package" : "php53-0:5.3.3-21.el5" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2013-11-20T00:00:00Z", "advisory" : "RHSA-2013:1615", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "php-0:5.3.3-26.el6" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Not affected", "package_name" : "php", "cpe" : "cpe:/o:redhat:enterprise_linux:5" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "php", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Software Collections", "fix_state" : "Affected", "package_name" : "php54-php", "cpe" : "cpe:/a:redhat:rhel_software_collections:1" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2013-4248\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-4248" ], "name" : "CVE-2013-4248", "csaw" : false }