Published: 20/03/2017 Updated: 17/08/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 446

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote malicious users to cause a denial of service (segmentation violation for read access, and application crash) by triggering an invalid Unicode property lookup.

Vulnerable Product	Search on Vulmon	Subscribe to Product
pcre pcre2 10.23
pcre pcre 8.40

Synopsis Important: Red Hat JBoss Core Services Apache HTTP Server 2429 security update Type/Severity Security Advisory: Important Topic Red Hat JBoss Core Services Pack Apache Server 2429 packages for Microsoft Windows and Oracle Solaris are now availableRed Hat Product Security has rated this release ...

PCRE could be made to crash if it received specially crafted input ...

Debian Bug report logs - #858230 pcre3: CVE-2017-7186 Package: src:pcre3; Maintainer for src:pcre3 is Matthew Vernon <matthew@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 20 Mar 2017 06:06:01 UTC Severity: important Tags: fixed-upstream, patch, security, upstream Found in versions pc ...

Debian Bug report logs - #858683 pcre3: CVE-2017-7244 Package: src:pcre3; Maintainer for src:pcre3 is Matthew Vernon <matthew@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 25 Mar 2017 07:48:05 UTC Severity: important Tags: fixed-upstream, security, upstream Found in version pcre3/2:8 ...

libpcre1 in PCRE 840 and libpcre2 in PCRE2 1023 allow remote attackers to cause a denial of service (segmentation violation for read access, and application crash) by triggering an invalid Unicode property lookup ...

CWE-119 https://vcs.pcre.org/pcre2/code/trunk/src/pcre2_ucd.c?r1=316&r2=670&sortby=date https://vcs.pcre.org/pcre2/code/trunk/src/pcre2_internal.h?r1=600&r2=670&sortby=date https://vcs.pcre.org/pcre/code/trunk/pcre_ucd.c?r1=1490&r2=1688&sortby=date https://vcs.pcre.org/pcre/code/trunk/pcre_internal.h?r1=1649&r2=1688&sortby=date https://bugs.exim.org/show_bug.cgi?id=2052 https://blogs.gentoo.org/ago/2017/03/14/libpcre-invalid-memory-read-in-match-pcre_exec-c/http://www.securityfocus.com/bid/97030 https://security.gentoo.org/glsa/201710-09 https://security.gentoo.org/glsa/201710-25 https://access.redhat.com/errata/RHSA-2018:2486 https://access.redhat.com/errata/RHSA-2018:2486 https://ubuntu.com/security/notices/USN-5665-1 https://nvd.nist.gov

CVE-2017-7186

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect