Unrated severityNVD Advisory· Published Nov 23, 2014· Updated Jun 17, 2026
CVE-2014-8626
CVE-2014-8626
Description
Stack-based buffer overflow in the date_from_ISO8601 function in ext/xmlrpc/libxmlrpc/xmlrpc.c in PHP before 5.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by including a timezone field in a date, leading to improper XML-RPC encoding.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:php:php:*:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:php:php:*:*:*:*:*:*:*:*range: <=5.2.6
- cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*
- (no CPE)range: <5.2.7
Patches
Vulnerability mechanics
References
8News mentions
0No linked articles in our index yet.