vulnerability
SUSE: CVE-2017-16642: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | Nov 7, 2017 | Dec 7, 2017 | Feb 4, 2022 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Nov 7, 2017
Added
Dec 7, 2017
Modified
Feb 4, 2022
Description
In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: this is a different issue than CVE-2017-11145.
Solution(s)
suse-upgrade-apache2-mod_php5suse-upgrade-apache2-mod_php53suse-upgrade-apache2-mod_php7suse-upgrade-php5suse-upgrade-php5-bcmathsuse-upgrade-php5-bz2suse-upgrade-php5-calendarsuse-upgrade-php5-ctypesuse-upgrade-php5-curlsuse-upgrade-php5-dbasuse-upgrade-php5-develsuse-upgrade-php5-domsuse-upgrade-php5-enchantsuse-upgrade-php5-exifsuse-upgrade-php5-fastcgisuse-upgrade-php5-fileinfosuse-upgrade-php5-fpmsuse-upgrade-php5-ftpsuse-upgrade-php5-gdsuse-upgrade-php5-gettextsuse-upgrade-php5-gmpsuse-upgrade-php5-iconvsuse-upgrade-php5-imapsuse-upgrade-php5-intlsuse-upgrade-php5-jsonsuse-upgrade-php5-ldapsuse-upgrade-php5-mbstringsuse-upgrade-php5-mcryptsuse-upgrade-php5-mysqlsuse-upgrade-php5-odbcsuse-upgrade-php5-opcachesuse-upgrade-php5-opensslsuse-upgrade-php5-pcntlsuse-upgrade-php5-pdosuse-upgrade-php5-pearsuse-upgrade-php5-pgsqlsuse-upgrade-php5-pharsuse-upgrade-php5-posixsuse-upgrade-php5-pspellsuse-upgrade-php5-shmopsuse-upgrade-php5-snmpsuse-upgrade-php5-soapsuse-upgrade-php5-socketssuse-upgrade-php5-sqlitesuse-upgrade-php5-suhosinsuse-upgrade-php5-sysvmsgsuse-upgrade-php5-sysvsemsuse-upgrade-php5-sysvshmsuse-upgrade-php5-tokenizersuse-upgrade-php5-wddxsuse-upgrade-php5-xmlreadersuse-upgrade-php5-xmlrpcsuse-upgrade-php5-xmlwritersuse-upgrade-php5-xslsuse-upgrade-php5-zipsuse-upgrade-php5-zlibsuse-upgrade-php53suse-upgrade-php53-bcmathsuse-upgrade-php53-bz2suse-upgrade-php53-calendarsuse-upgrade-php53-ctypesuse-upgrade-php53-curlsuse-upgrade-php53-dbasuse-upgrade-php53-develsuse-upgrade-php53-domsuse-upgrade-php53-exifsuse-upgrade-php53-fastcgisuse-upgrade-php53-fileinfosuse-upgrade-php53-ftpsuse-upgrade-php53-gdsuse-upgrade-php53-gettextsuse-upgrade-php53-gmpsuse-upgrade-php53-iconvsuse-upgrade-php53-imapsuse-upgrade-php53-intlsuse-upgrade-php53-jsonsuse-upgrade-php53-ldapsuse-upgrade-php53-mbstringsuse-upgrade-php53-mcryptsuse-upgrade-php53-mysqlsuse-upgrade-php53-odbcsuse-upgrade-php53-opensslsuse-upgrade-php53-pcntlsuse-upgrade-php53-pdosuse-upgrade-php53-pearsuse-upgrade-php53-pgsqlsuse-upgrade-php53-posixsuse-upgrade-php53-pspellsuse-upgrade-php53-readlinesuse-upgrade-php53-shmopsuse-upgrade-php53-snmpsuse-upgrade-php53-soapsuse-upgrade-php53-socketssuse-upgrade-php53-sqlitesuse-upgrade-php53-suhosinsuse-upgrade-php53-sysvmsgsuse-upgrade-php53-sysvsemsuse-upgrade-php53-sysvshmsuse-upgrade-php53-tidysuse-upgrade-php53-tokenizersuse-upgrade-php53-wddxsuse-upgrade-php53-xmlreadersuse-upgrade-php53-xmlrpcsuse-upgrade-php53-xmlwritersuse-upgrade-php53-xslsuse-upgrade-php53-zipsuse-upgrade-php53-zlibsuse-upgrade-php7suse-upgrade-php7-bcmathsuse-upgrade-php7-bz2suse-upgrade-php7-calendarsuse-upgrade-php7-ctypesuse-upgrade-php7-curlsuse-upgrade-php7-dbasuse-upgrade-php7-develsuse-upgrade-php7-domsuse-upgrade-php7-enchantsuse-upgrade-php7-exifsuse-upgrade-php7-fastcgisuse-upgrade-php7-fileinfosuse-upgrade-php7-fpmsuse-upgrade-php7-ftpsuse-upgrade-php7-gdsuse-upgrade-php7-gettextsuse-upgrade-php7-gmpsuse-upgrade-php7-iconvsuse-upgrade-php7-imapsuse-upgrade-php7-intlsuse-upgrade-php7-jsonsuse-upgrade-php7-ldapsuse-upgrade-php7-mbstringsuse-upgrade-php7-mcryptsuse-upgrade-php7-mysqlsuse-upgrade-php7-odbcsuse-upgrade-php7-opcachesuse-upgrade-php7-opensslsuse-upgrade-php7-pcntlsuse-upgrade-php7-pdosuse-upgrade-php7-pearsuse-upgrade-php7-pear-archive_tarsuse-upgrade-php7-pgsqlsuse-upgrade-php7-pharsuse-upgrade-php7-posixsuse-upgrade-php7-pspellsuse-upgrade-php7-shmopsuse-upgrade-php7-snmpsuse-upgrade-php7-soapsuse-upgrade-php7-socketssuse-upgrade-php7-sqlitesuse-upgrade-php7-sysvmsgsuse-upgrade-php7-sysvsemsuse-upgrade-php7-sysvshmsuse-upgrade-php7-tokenizersuse-upgrade-php7-wddxsuse-upgrade-php7-xmlreadersuse-upgrade-php7-xmlrpcsuse-upgrade-php7-xmlwritersuse-upgrade-php7-xslsuse-upgrade-php7-zipsuse-upgrade-php7-zlib
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.