CVE-2013-4635 — Vulnetix

Try Vulnetix Request Demo

CVE-2013-4635 PUBLISHED CVSS 5 MEDIUM

Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service (application hang) via a large argument to the jdtojewish function.

EPSS 13.06% · 94.0th percentile

Risk Scores

CVSS v2.0

5

EPSS Score

13.06%

94.0th percentile

Affected Products

Vendor	Product	Versions
php	php	5.4.15, 0, 1.0
n/a	n/a	n/a

Timeline

Jun 21, 2013 CVE Published
Feb 4, 2022 EPSS Score
Mar 7, 2023 EPSS Score
Jan 7, 2024 EPSS Score
Aug 6, 2024 CVE Updated
Mar 17, 2025 EPSS Score
Mar 19, 2025 EPSS Score
Mar 29, 2025 EPSS Score
Mar 30, 2025 EPSS Score
May 4, 2025 EPSS Score
Jun 1, 2025 EPSS Score
Jun 4, 2025 EPSS Score

References

1028699 vdb
54104 third-party-advisory
SUSE-SU-2013:1316 vendor-advisory
USN-1905-1 vendor-advisory
http://www.php.net/ChangeLog-5.php url
20130624 CVE-2013-4635 SndToJewish / SdnToJewish function name mailing-list
SUSE-SU-2013:1315 vendor-advisory
SUSE-SU-2013:1285 vendor-advisory
https://bugs.php.net/bug.php?id=64895 url
https://nvd.nist.gov/vuln/detail/CVE-2013-4635 advisory

Open in Interactive Console →