CVE-2013-4248

N/A Unknown

Published: August 18, 2013 Modified: April 29, 2026

Description

The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=2874696a5a8d46639d261571f915c493cd875897

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-updates/2013-12/msg00125.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-updates/2013-12/msg00126.html

Source: secalert@redhat.com

http://marc.info/?l=bugtraq&m=141390017113542&w=2

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2013-1307.html

Source: secalert@redhat.com

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-1615.html

Source: secalert@redhat.com

http://secunia.com/advisories/54478

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/54657

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/55078

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/59652

Source: secalert@redhat.com

http://support.apple.com/kb/HT6150

Source: secalert@redhat.com

http://www.debian.org/security/2013/dsa-2742

Source: secalert@redhat.com

http://www.php.net/ChangeLog-5.php

Source: secalert@redhat.com

http://www.securityfocus.com/bid/61776

Source: secalert@redhat.com

http://www.securitytracker.com/id/1028924

Source: secalert@redhat.com

http://www.ubuntu.com/usn/USN-1937-1

Source: secalert@redhat.com

Vendor Advisory

http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=2874696a5a8d46639d261571f915c493cd875897

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-updates/2013-12/msg00125.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-updates/2013-12/msg00126.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=141390017113542&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2013-1307.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-1615.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/54478

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/54657

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/55078

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/59652

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.apple.com/kb/HT6150

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2013/dsa-2742

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.php.net/ChangeLog-5.php

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/61776

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1028924

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/USN-1937-1

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

32 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

9.9%

93th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-20

Affected Vendors

php canonical redhat

Related CVEs

CVE-2026-8108 7.8

CVE-2026-5371 7.1

CVE-2026-44548 8.1

CVE-2026-44547 9.6

CVE-2026-44352 N/A