** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: none.  Reason: This candidate was withdrawn by its CNA.  Further investigation showed that it was not an independently fixable security issue relative to CVE-2017-11145.  Notes: none.

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: none.  Reason: This candidate was withdrawn by its CNA.  Further investigation showed that it was not an independently fixable security issue relative to CVE-2017-11145.  Notes: none

OR
     *cpe:2.3:a:php:php:5.6.30:*:*:*:*:*:*:* (and previous)
     *cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.9:*:*:*:*:*:*

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-200

In PHP through 5.6.31, 7.x through 7.0.21, and 7.1.x through 7.1.7, lack of bounds checks in the date extension's timelib_meridian parsing code could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-11145.

** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: none.  Reason: This candidate was withdrawn by its CNA.  Further investigation showed that it was not an independently fixable security issue relative to CVE-2017-11145.  Notes: none.

true

false

http://openwall.com/lists/oss-security/2017/07/10/6 [Mailing List, Third Party Advisory]

http://www.securityfocus.com/bid/99612 [No Types Assigned]

https://bugs.php.net/bug.php?id=74819 [Third Party Advisory]

https://gist.github.com/anonymous/bd77ac90d3bdf31ce2a5251ad92e9e75 [Patch, Third Party Advisory]

http://www.securityfocus.com/bid/99612 [No Types Assigned]

OR
     *cpe:2.3:a:php:php:5.6.30:*:*:*:*:*:*:* (and previous)
     *cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.9:*:*:*:*:*:*

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-200

http://openwall.com/lists/oss-security/2017/07/10/6 No Types Assigned

http://openwall.com/lists/oss-security/2017/07/10/6 Mailing List, Third Party Advisory

https://bugs.php.net/bug.php?id=74819 No Types Assigned

https://bugs.php.net/bug.php?id=74819 Third Party Advisory

https://gist.github.com/anonymous/bd77ac90d3bdf31ce2a5251ad92e9e75 No Types Assigned

https://gist.github.com/anonymous/bd77ac90d3bdf31ce2a5251ad92e9e75 Patch, Third Party Advisory