Published: 23/08/2005 Updated: 14/02/2024

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) prior to 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows malicious users to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
pcre pcre 5.0
pcre pcre 6.0
pcre pcre 6.1

Synopsis pcre security update Type/Severity Security Advisory: Moderate Topic Updated pcre packages are now available to correct a security issueThis update has been rated as having moderate security impact by theRed Hat Security Response Team Description PCRE is a Perl-compatible regular ...

Synopsis exim security update Type/Severity Security Advisory: Moderate Topic Updated exim packages that fix a security issue in PCRE and a free spacecomputation on large file system bug are now available for Red HatEnterprise Linux 4This update has been rated as having moderate security impact by the RedH ...

USN-173-1 fixed a buffer overflow vulnerability in the PCRE library However, it was determined that this did not suffice to prevent all possible overflows, so another update is necessary ...

A buffer overflow has been discovered in the PCRE, a widely used library that provides Perl compatible regular expressions Specially crafted regular expressions triggered a buffer overflow On systems that accept arbitrary regular expressions from untrusted users, this could be exploited to execute arbitrary code with the privileges of the applica ...

USN-173-1 fixed a buffer overflow vulnerability in the PCRE library However, it was found that the various python packages and gnumeric contain static copies of the library code, so these packages need to be updated as well ...

An integer overflow with a subsequent buffer overflow has been detected in PCRE, the Perl Compatible Regular Expressions library, which allows an attacker to execute arbitrary code, and is also present in Python Exploiting this vulnerability requires an attacker to specify the used regular expression For the old stable distribution (woody) this p ...

An integer overflow with subsequent buffer overflow has been detected in PCRE, the Perl Compatible Regular Expressions library, which allows an attacker to execute arbitrary code Since several packages link dynamically to this library you are advised to restart the corresponding services or programs respectively The command “apt-cache showpkg l ...

NVD-CWE-Other http://www.securityfocus.com/bid/14620 http://securitytracker.com/id?1014744 http://www.debian.org/security/2005/dsa-800 http://www.gentoo.org/security/en/glsa/glsa-200509-02.xml http://www.redhat.com/support/errata/RHSA-2005-761.html http://www.gentoo.org/security/en/glsa/glsa-200508-17.xml http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml http://www.debian.org/security/2005/dsa-819 http://www.debian.org/security/2005/dsa-817 http://www.debian.org/security/2005/dsa-821 http://www.gentoo.org/security/en/glsa/glsa-200509-19.xml http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html http://www.ethereal.com/appnotes/enpa-sa-00021.html http://www.php.net/release_4_4_1.php http://docs.info.apple.com/article.html?artnum=302847 http://www.securityfocus.com/bid/15647 http://secunia.com/advisories/17813 http://secunia.com/advisories/16502 http://secunia.com/advisories/16679 http://www.redhat.com/support/errata/RHSA-2006-0197.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1 http://secunia.com/advisories/19072 http://www.redhat.com/support/errata/RHSA-2005-358.html ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.10/SCOSA-2006.10.txt http://secunia.com/advisories/19193 http://support.avaya.com/elmodocs2/security/ASA-2005-216.pdf http://support.avaya.com/elmodocs2/security/ASA-2005-223.pdf http://secunia.com/advisories/17252 ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U http://secunia.com/advisories/19532 http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm http://www.novell.com/linux/security/advisories/2005_48_pcre.html http://www.novell.com/linux/security/advisories/2005_49_php.html http://www.novell.com/linux/security/advisories/2005_52_apache2.html http://support.avaya.com/elmodocs2/security/ASA-2006-159.htm http://secunia.com/advisories/21522 http://secunia.com/advisories/22691 http://secunia.com/advisories/22875 http://securityreason.com/securityalert/604 http://www.vupen.com/english/advisories/2006/0789 http://www.vupen.com/english/advisories/2006/4502 http://www.vupen.com/english/advisories/2006/4320 http://www.vupen.com/english/advisories/2005/1511 http://www.vupen.com/english/advisories/2005/2659 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522 http://marc.info/?l=bugtraq&m=130497311408250&w=2 http://marc.info/?l=bugtraq&m=112606064317223&w=2 http://marc.info/?l=bugtraq&m=112605112027335&w=2 http://www.gentoo.org/security/en/glsa/glsa-200509-08.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A735 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1659 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1496 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11516 http://www.securityfocus.com/archive/1/428138/100/0/threaded http://www.securityfocus.com/archive/1/427046/100/0/threaded https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E https://access.redhat.com/errata/RHSA-2005:761 https://nvd.nist.gov https://usn.ubuntu.com/173-2/

Get Started

CVE-2005-2491

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect