Lucene search

K
cvelistMitreCVELIST:CVE-2013-6712
HistoryNov 28, 2013 - 2:00 a.m.

CVE-2013-6712

2013-11-2802:00:00
mitre
www.cve.org

6.2 Medium

AI Score

Confidence

High

0.59 Medium

EPSS

Percentile

97.8%

The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification.