Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-8626
HistoryNov 23, 2014 - 2:59 a.m.

CVE-2014-8626

2014-11-2302:59:00
CWE-119
[email protected]
web.nvd.nist.gov
95
cve
2014
8626
php
buffer overflow
date_from_iso8601
xml-rpc
encoding
nvd
security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.3 High

AI Score

Confidence

High

0.08 Low

EPSS

Percentile

94.3%

JSON

Stack-based buffer overflow in the date_from_ISO8601 function in ext/xmlrpc/libxmlrpc/xmlrpc.c in PHP before 5.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by including a timezone field in a date, leading to improper XML-RPC encoding.

Affected configurations

NVD
Node
phpphpRange5.2.6
OR
phpphpMatch5.2.0
OR
phpphpMatch5.2.1
OR
phpphpMatch5.2.2
OR
phpphpMatch5.2.3
OR
phpphpMatch5.2.4
OR
phpphpMatch5.2.5

Related

redhat 2
ubuntucve 1
openvas 4
nvd 1
prion 1
cvelist 1
veracode 1
nessus 6
oraclelinux 1
centos 1
redhat
redhat
(RHSA-2014:1825) Critical: php security update
2014-11-06 00:00:00
(RHSA-2014:1824) Important: php security update
2014-11-06 00:00:00
ubuntucve
ubuntucve
CVE-2014-8626
2014-11-23 00:00:00
openvas
openvas
PHP Multiple Buffer Overflow Vulnerabilities (Jan 2015)
2015-01-06 00:00:00
Oracle: Security Advisory (ELSA-2014-1824)
2015-10-06 00:00:00
RedHat Update for php RHSA-2014:1824-01
2014-11-07 00:00:00
nvd
nvd
CVE-2014-8626
2014-11-23 02:59:00
prion
prion
Stack overflow
2014-11-23 02:59:00
cvelist
cvelist
CVE-2014-8626
2014-11-23 02:00:00
veracode
veracode
Memory Corruption And Code Execution
2019-05-02 05:13:12
nessus
nessus
Scientific Linux Security Update : php on SL5.x i386/x86_64 (20141106)
2014-11-10 00:00:00
RHEL 5 : php (RHSA-2014:1824)
2014-11-07 00:00:00
Oracle Linux 5 : php (ELSA-2014-1824)
2014-11-07 00:00:00
oraclelinux
oraclelinux
php security update
2014-11-06 00:00:00
centos
centos
php security update
2014-11-06 18:30:07

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.3 High

AI Score

Confidence

High

0.08 Low

EPSS

Percentile

94.3%

JSON
Related for CVE-2014-8626
redhat2ubuntucve1openvas4nvd1prion1cvelist1veracode1nessus6oraclelinux1centos1