CVE-2017-16642high
New! CVE Severity Now Using CVSS v3
The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Description
In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: this is a different issue than CVE-2017-11145.
References
http://php.net/ChangeLog-5.php
http://php.net/ChangeLog-7.php
http://www.securityfocus.com/bid/101745
https://access.redhat.com/errata/RHSA-2018:1296
https://access.redhat.com/errata/RHSA-2019:2519
https://bugs.php.net/bug.php?id=75055
https://github.com/derickr/timelib/commit/aa9156006e88565e1f1a5f7cc088b18322d57536
https://github.com/php/php-src/commit/5c0455bf2c8cd3c25401407f158e820aa3b239e1
https://security.netapp.com/advisory/ntap-20181123-0001/
https://usn.ubuntu.com/3566-1/
https://www.debian.org/security/2018/dsa-4080
Details
Source: MITRE
Published: 2017-11-07
Updated: 2019-08-19
Type: CWE-125
Risk Information
CVSS v2
Base Score: 5
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Impact Score: 2.9
Exploitability Score: 10
Severity: MEDIUM
CVSS v3
Base Score: 7.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Impact Score: 3.6
Exploitability Score: 3.9
Severity: HIGH
Vulnerable Software
Configuration 1
OR
cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
Configuration 2
OR
Configuration 3
OR
Configuration 4
OR
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 137966 | EulerOS Virtualization 3.0.6.0 : php (EulerOS-SA-2020-1747) | Nessus | Huawei Local Security Checks | critical |
| 136245 | EulerOS Virtualization for ARM 64 3.0.2.0 : php (EulerOS-SA-2020-1542) | Nessus | Huawei Local Security Checks | high |
| 133925 | EulerOS 2.0 SP5 : php (EulerOS-SA-2020-1124) | Nessus | Huawei Local Security Checks | critical |
| 132184 | EulerOS 2.0 SP3 : php (EulerOS-SA-2019-2649) | Nessus | Huawei Local Security Checks | critical |
| 131592 | EulerOS 2.0 SP2 : php (EulerOS-SA-2019-2438) | Nessus | Huawei Local Security Checks | critical |
| 98857 | PHP 7.1.x < 7.1.11 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | critical |
| 98845 | PHP 7.0.x < 7.0.25 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | critical |
| 98823 | PHP 5.6.x < 5.6.32 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | critical |
| 120010 | SUSE SLES12 Security Update : php5 (SUSE-SU-2017:3277-1) | Nessus | SuSE Local Security Checks | critical |
| 120009 | SUSE SLES12 Security Update : php7 (SUSE-SU-2017:3237-1) | Nessus | SuSE Local Security Checks | critical |
| 106792 | Ubuntu 14.04 LTS : php5 vulnerabilities (USN-3566-1) | Nessus | Ubuntu Local Security Checks | critical |
| 105664 | Debian DSA-4081-1 : php5 - security update | Nessus | Debian Local Security Checks | critical |
| 105663 | Debian DSA-4080-1 : php7.0 - security update | Nessus | Debian Local Security Checks | critical |
| 105513 | SUSE SLES11 Security Update : php53 (SUSE-SU-2018:0003-1) | Nessus | SuSE Local Security Checks | critical |
| 105266 | openSUSE Security Update : php5 (openSUSE-2017-1371) | Nessus | SuSE Local Security Checks | critical |
| 105238 | openSUSE Security Update : php7 (openSUSE-2017-1353) | Nessus | SuSE Local Security Checks | critical |
| 104633 | PHP 7.1.x < 7.1.11 Multiple Vulnerabilities | Nessus | CGI abuses | critical |
| 104632 | PHP 7.0.x < 7.0.25 Multiple Vulnerabilities | Nessus | CGI abuses | critical |
| 104631 | PHP 5.6.x < 5.6.32 Multiple Vulnerabilities | Nessus | CGI abuses | critical |