Unrated severityNVD Advisory· Published Nov 28, 2013· Updated Jun 17, 2026
CVE-2013-6712
CVE-2013-6712
Description
The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
17cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*+ 4 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
- osv-coords3 versionspkg:rpm/opensuse/php5&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/php7&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/php8&distro=openSUSE%20Tumbleweed
< 5.6.28-1.1+ 2 more
- (no CPE)range: < 5.6.28-1.1
- (no CPE)range: < 7.0.14-1.4
- (no CPE)range: < 8.0.11-1.1
Patches
Vulnerability mechanics
References
10- bugs.php.net/bug.phpnvdIssue TrackingPatchVendor Advisory
- lists.apple.com/archives/security-announce/2015/Apr/msg00001.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2013-12/msg00125.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2013-12/msg00126.htmlnvdMailing ListThird Party Advisory
- rhn.redhat.com/errata/RHSA-2014-1765.htmlnvdThird Party Advisory
- www.debian.org/security/2013/dsa-2816nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2055-1nvdThird Party Advisory
- h20564.www2.hp.com/hpsc/doc/public/displaynvdThird Party Advisory
- support.apple.com/HT204659nvdThird Party Advisory
- git.php.netnvd
News mentions
0No linked articles in our index yet.