Published: 18/02/2008 Updated: 15/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Buffer overflow in PCRE prior to 7.6 allows remote malicious users to execute arbitrary code via a regular expression containing a character class with a large number of characters with Unicode code points greater than 255.

Vulnerable Product	Search on Vulmon	Subscribe to Product
pcre pcre

It was discovered that PCRE did not correctly handle very long strings containing UTF8 sequences In certain situations, an attacker could exploit applications linked against PCRE by tricking a user or automated system in processing a malicious regular expression leading to a denial of service or possibly arbitrary code execution ...

CWE-119 http://pcre.org/changelog.txt https://bugzilla.redhat.com/show_bug.cgi?id=431660 http://ftp.gnome.org/pub/gnome/sources/glib/2.14/glib-2.14.6.news http://www.debian.org/security/2008/dsa-1499 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00371.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00632.html http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html http://www.securityfocus.com/bid/27786 http://secunia.com/advisories/28923 http://secunia.com/advisories/28960 http://secunia.com/advisories/28985 http://secunia.com/advisories/28996 http://secunia.com/advisories/28957 http://secunia.com/advisories/29027 http://secunia.com/advisories/29048 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0086 https://issues.rpath.com/browse/RPL-2223 http://www.mandriva.com/security/advisories?name=MDVSA-2008:053 http://secunia.com/advisories/29175 http://wiki.rpath.com/Advisories:rPSA-2008-0086 https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html http://secunia.com/advisories/29267 http://security.gentoo.org/glsa/glsa-200803-24.xml http://secunia.com/advisories/29282 http://www.openwall.com/lists/oss-security/2008/05/02/2 http://www.php.net/ChangeLog-5.php http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176 https://issues.rpath.com/browse/RPL-2503 http://www.securityfocus.com/bid/29009 http://secunia.com/advisories/30048 http://secunia.com/advisories/30345 http://secunia.com/advisories/31326 http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://www.securityfocus.com/bid/31681 http://support.apple.com/kb/HT3216 http://secunia.com/advisories/32222 http://support.apple.com/kb/HT3757 http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html http://www.vupen.com/english/advisories/2009/2172 http://secunia.com/advisories/36096 http://www.securitytracker.com/id?1022674 http://www.us-cert.gov/cas/techalerts/TA09-218A.html http://www.vupen.com/english/advisories/2008/2268 http://www.vupen.com/english/advisories/2008/2780 http://www.vupen.com/english/advisories/2008/0592 http://www.vupen.com/english/advisories/2008/1412 http://www.vupen.com/english/advisories/2008/0570 http://secunia.com/advisories/32746 http://security.gentoo.org/glsa/glsa-200811-05.xml https://exchange.xforce.ibmcloud.com/vulnerabilities/40505 https://usn.ubuntu.com/581-1/http://www.securityfocus.com/archive/1/492535/100/0/threaded http://www.securityfocus.com/archive/1/488927/100/0/threaded https://usn.ubuntu.com/581-1/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-0674

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect