SUSE CVE-2013-6712

The scan function in ext/date/lib/parseisointervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service heap-based buffer over-read via a crafted interval specification...

SUSE CVE-2016-9138

PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modification during wakeup processing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data, as demonstrated by Exception::toString with DateInterval::wakeup...

The vulnerability of the __wakeup modification in PHP interpreters allows a attacker to trigger a service failure or exert other effects.

The vulnerability of the wakeup modification in PHP interpreters relates to the use of memory after it is released. Exploiting this vulnerability can allow a remote attacker to cause service failures or other effects through specially crafted data, as demonstrated in the exception...

PHP 'DateInterval' Object Arbitrary Code Execution Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. An...