Lucene search

K
prionPRIOn knowledge basePRION:CVE-2013-6712
HistoryNov 28, 2013 - 4:37 a.m.

Heap overflow

2013-11-2804:37:00
PRIOn knowledge base
www.prio-n.com
9

8.9 High

AI Score

Confidence

High

0.59 Medium

EPSS

Percentile

97.8%

The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification.