The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.3%.
PHP
Buffer Overflow
Denial Of Service
Mac Os X
Opensuse
+2
NVD
CVSS 2.0
5.0
EPSS
17.3%