Description
Stack-based buffer overflow in the date_from_ISO8601 function in ext/xmlrpc/libxmlrpc/xmlrpc.c in PHP before 5.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by including a timezone field in a date, leading to improper XML-RPC encoding.
Remediation
References
Related Vulnerabilities
WordPress Plugin MailCWP Arbitrary File Upload (1.99)
WordPress Plugin Add Link to Facebook Multiple Cross-Site Scripting Vulnerabilities (1.215)
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-9546)
WordPress Plugin Schreikasten SQL Injection (0.14.18)
IBM RTC Improper Privilege Management Vulnerability (CVE-2021-29774)