Description
In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: this is a different issue than CVE-2017-11145.
Remediation
References
Related Vulnerabilities
Joomla! Core 3.3.x Denial of Service (3.3.0 - 3.3.4)
WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.10)
WordPress Plugin wp-football Multiple Cross-Site Scripting Vulnerabilities (1.1)
WordPress Plugin Easy2Map Multiple Vulnerabilities (1.2.9)
WordPress Plugin AJAX Post Search 'srch_txt' Parameter SQL Injection (1.2)