What is the severity of CVE-2014-8626?

CVE-2014-8626 has a severity level that can lead to denial of service or potentially arbitrary code execution.

How do I fix CVE-2014-8626?

To fix CVE-2014-8626, upgrade PHP to version 5.2.7 or later.

Which versions of PHP are affected by CVE-2014-8626?

CVE-2014-8626 affects PHP versions prior to 5.2.7, including 5.2.0 to 5.2.6.

Can CVE-2014-8626 be exploited remotely?

Yes, CVE-2014-8626 can be exploited remotely by attackers through crafted XML-RPC requests.

What is the impact of CVE-2014-8626 on applications?

The impact of CVE-2014-8626 includes potential application crashes and the risk of arbitrary code execution.

Vulnerability/
CVE-2014-8626

high

7.5

CWE

119

22/10/2014

23/11/2014

6/8/2024

CVE-2014-8626: Buffer Overflow

First published: Wed Oct 22 2014(Updated: )

Stack-based buffer overflow in the date_from_ISO8601 function in ext/xmlrpc/libxmlrpc/xmlrpc.c in PHP before 5.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by including a timezone field in a date, leading to improper XML-RPC encoding.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
redhat/php	<5.2.7	5.2.7
redhat/php	<5.3	5.3
PHP	<=5.2.6
PHP	=5.2.0
PHP	=5.2.1
PHP	=5.2.2
PHP	=5.2.3
PHP	=5.2.4
PHP	=5.2.5

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-8626?
CVE-2014-8626 has a severity level that can lead to denial of service or potentially arbitrary code execution.
How do I fix CVE-2014-8626?
To fix CVE-2014-8626, upgrade PHP to version 5.2.7 or later.
Which versions of PHP are affected by CVE-2014-8626?
CVE-2014-8626 affects PHP versions prior to 5.2.7, including 5.2.0 to 5.2.6.
Can CVE-2014-8626 be exploited remotely?
Yes, CVE-2014-8626 can be exploited remotely by attackers through crafted XML-RPC requests.
What is the impact of CVE-2014-8626 on applications?
The impact of CVE-2014-8626 includes potential application crashes and the risk of arbitrary code execution.

agent/type
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2014-8626
agent/software-canonical-lookup
agent/severity
agent/references
agent/last-modified-date
agent/weakness
agent/author
agent/event
agent/description
agent/trending
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
package-manager/redhat
vendor/php
canonical/php
version/php/5.2.6
version/php/5.2.0
version/php/5.2.1
version/php/5.2.2
version/php/5.2.3
version/php/5.2.4
version/php/5.2.5

Frequently Asked Questions

What is the severity of CVE-2014-8626?
CVE-2014-8626 has a severity level that can lead to denial of service or potentially arbitrary code execution.
How do I fix CVE-2014-8626?
To fix CVE-2014-8626, upgrade PHP to version 5.2.7 or later.
Which versions of PHP are affected by CVE-2014-8626?
CVE-2014-8626 affects PHP versions prior to 5.2.7, including 5.2.0 to 5.2.6.
Can CVE-2014-8626 be exploited remotely?
Yes, CVE-2014-8626 can be exploited remotely by attackers through crafted XML-RPC requests.
What is the impact of CVE-2014-8626 on applications?
The impact of CVE-2014-8626 includes potential application crashes and the risk of arbitrary code execution.

CVE-2014-8626: Buffer Overflow

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-8626?

How do I fix CVE-2014-8626?

Which versions of PHP are affected by CVE-2014-8626?

Can CVE-2014-8626 be exploited remotely?

What is the impact of CVE-2014-8626 on applications?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2014-8626?

How do I fix CVE-2014-8626?

Which versions of PHP are affected by CVE-2014-8626?

Can CVE-2014-8626 be exploited remotely?

What is the impact of CVE-2014-8626 on applications?