CVE-2017-16642

🗓️ 07 Nov 2017 21:00:00Reported by mitreType

PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11 date extension's timelib_meridian handling vulnerabilit

Reporter	Title	Published	Views	Family All 76
0day.today	PHP 7.1.8 - Heap-Based Buffer Overflow Vulnerability	15 Nov 201700:00	–	zdt
ATTACKERKB	CVE-2017-16642	7 Nov 201721:29	–	attackerkb
Circl	CVE-2017-16642	9 Nov 201700:00	–	circl
CNVD	PHP heap buffer overflow vulnerability (CNVD-2017-33481)	11 Sep 201700:00	–	cnvd
Check Point Advisories	PHP Core timelib_meridian Heap Buffer Overflow (CVE-2017-16642)	20 Nov 201700:00	–	checkpoint_advisories
Cvelist	CVE-2017-16642	7 Nov 201721:00	–	cvelist
Debian	[SECURITY] [DSA 4080-1] php7.0 security update	8 Jan 201822:30	–	debian
Debian	[SECURITY] [DSA 4081-1] php5 security update	8 Jan 201822:33	–	debian
Debian CVE	CVE-2017-16642	7 Nov 201721:00	–	debiancve
Tenable Nessus	Debian DSA-4080-1 : php7.0 - security update	9 Jan 201800:00	–	nessus

NVD

Node

php phpRange<5.6.32

php phpRange7.0.0–7.0.25

php phpRange7.1.0–7.1.11

Node

Node

Node

Source	Link
usn	www.usn.ubuntu.com/3566-1/
exploit-db	www.exploit-db.com/exploits/43133/
php	www.php.net/ChangeLog-7.php
github	www.github.com/php/php-src/commit/5c0455bf2c8cd3c25401407f158e820aa3b239e1
debian	www.debian.org/security/2018/dsa-4080
bugs	www.bugs.php.net/bug.php
access	www.access.redhat.com/errata/RHSA-2019:2519
securityfocus	www.securityfocus.com/bid/101745
github	www.github.com/derickr/timelib/commit/aa9156006e88565e1f1a5f7cc088b18322d57536
access	www.access.redhat.com/errata/RHSA-2018:1296

13 May 2026 00:24Current

8.2High risk

Vulners AI Score8.2

CVSS 25

CVSS 37.5

EPSS0.08257