In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: this is a different issue than CVE-2017-11145.
                
            References
                    Configurations
                    Configuration 1 (hide)
| 
 | 
Configuration 2 (hide)
| 
 | 
Configuration 3 (hide)
| 
 | 
Configuration 4 (hide)
| 
 | 
History
                    No history.
Information
                Published : 2017-11-07 21:29
Updated : 2025-04-20 01:37
NVD link : CVE-2017-16642
Mitre link : CVE-2017-16642
CVE.ORG link : CVE-2017-16642
JSON object : View
Products Affected
                canonical
- ubuntu_linux
netapp
- storage_automation_store
- clustered_data_ontap
php
- php
debian
- debian_linux
CWE
                
                    
                        
                        CWE-125
                        
            Out-of-bounds Read
