Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD up to and including 6.1.5 and other products, might allow context-dependent malicious users to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rxspencer project rxspencer 3.8.g5 |
||
debian debian linux 8.0 |
||
debian debian linux 7.0 |
||
canonical ubuntu linux 14.10 |
||
canonical ubuntu linux 15.04 |
||
opensuse opensuse 13.1 |
||
opensuse opensuse 13.2 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 10.04 |
||
canonical ubuntu linux 12.04 |
||
php php |