CVE-2006-7228

Published: 14/11/2007 Updated: 07/11/2023
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Integer overflow in the Perl-Compatible Regular Expression (PCRE) library prior to 6.7 might allow context-dependent malicious users to execute arbitrary code via a regular expression that involves large (1) min, (2) max, or (3) duplength values that cause an incorrect length calculation and trigger a buffer overflow, a different vulnerability than CVE-2006-7227. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split.

Vulnerable Product

pcre pcre

Vendor Advisories

Andrews Salomon reported that kazehakase, a GTK+-based web browser that allows pluggable rendering engines, contained an embedded copy of the PCRE library in its source tree which was compiled in and used in preference to the system-wide version of this library. The PCRE library has been updated to fix the security issues reported against it in pre ...

References

CWE-189
http://scary.beasts.org/security/CESA-2007-006.html
http://www.pcre.org/changelog.txt
http://secunia.com/advisories/27582
https://bugzilla.redhat.com/show_bug.cgi?id=383371
http://security.gentoo.org/glsa/glsa-200711-30.xml
http://www.redhat.com/support/errata/RHSA-2007-1063.html
http://www.redhat.com/support/errata/RHSA-2007-1065.html
http://www.redhat.com/support/errata/RHSA-2007-1059.html
http://www.redhat.com/support/errata/RHSA-2007-1068.html
http://www.redhat.com/support/errata/RHSA-2007-1076.html
http://www.redhat.com/support/errata/RHSA-2007-1077.html
http://www.novell.com/linux/security/advisories/2007_62_pcre.html
http://www.securityfocus.com/bid/26462
http://secunia.com/advisories/27741
http://secunia.com/advisories/27773
http://secunia.com/advisories/27776
http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm
http://secunia.com/advisories/28027
http://secunia.com/advisories/28050
http://secunia.com/advisories/28041
http://bugs.gentoo.org/show_bug.cgi?id=198976
http://security.gentoo.org/glsa/glsa-200801-02.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:012
http://secunia.com/advisories/28406
http://secunia.com/advisories/28414
http://security.gentoo.org/glsa/glsa-200801-18.xml
http://security.gentoo.org/glsa/glsa-200801-19.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:030
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html
http://secunia.com/advisories/28658
http://secunia.com/advisories/28714
http://secunia.com/advisories/28720
http://lists.vmware.com/pipermail/security-announce/2008/000005.html
http://security.gentoo.org/glsa/glsa-200802-10.xml
http://secunia.com/advisories/29032
http://secunia.com/advisories/29085
http://lists.vmware.com/pipermail/security-announce/2008/000014.html
http://secunia.com/advisories/29785
http://security.gentoo.org/glsa/glsa-200805-11.xml
http://secunia.com/advisories/30155
http://secunia.com/advisories/30219
http://www.redhat.com/support/errata/RHSA-2008-0546.html
http://secunia.com/advisories/31124
http://www.debian.org/security/2008/dsa-1570
http://secunia.com/advisories/30106
http://www.vupen.com/english/advisories/2008/1234/references
http://www.vupen.com/english/advisories/2008/0637
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10810
http://www.securityfocus.com/archive/1/490917/100/0/threaded
http://www.securityfocus.com/archive/1/488457/100/0/threaded
https://nvd.nist.gov
https://www.debian.org/security/./dsa-1570