Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.5
CVSSv3

CVE-2017-7244

Published: 23/03/2017 Updated: 17/08/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 384
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Pcre

Vulnerability Summary

The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote malicious users to cause a denial of service (invalid memory read) via a crafted file.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

pcre pcre 8.40

Vendor Advisories

Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update
Synopsis Important: Red Hat JBoss Core Services Apache HTTP Server 2429 security update Type/Severity Security Advisory: Important Topic Red Hat JBoss Core Services Pack Apache Server 2429 packages for Microsoft Windows and Oracle Solaris are now availableRed Hat Product Security has rated this release ...
Debian CVElist Bug Report Logs: pcre3: CVE-2017-7186
Debian Bug report logs - #858230 pcre3: CVE-2017-7186 Package: src:pcre3; Maintainer for src:pcre3 is Matthew Vernon <matthew@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 20 Mar 2017 06:06:01 UTC Severity: important Tags: fixed-upstream, patch, security, upstream Found in versions pc ...
Debian CVElist Bug Report Logs: pcre3: CVE-2017-7244
Debian Bug report logs - #858683 pcre3: CVE-2017-7244 Package: src:pcre3; Maintainer for src:pcre3 is Matthew Vernon <matthew@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 25 Mar 2017 07:48:05 UTC Severity: important Tags: fixed-upstream, security, upstream Found in version pcre3/2:8 ...
Arch Linux Issues:
A stack-based read buffer overflow has been found in libpcre <= 840, in the pcretest utility It can lead to denial of service via a crafted expression passed to the pcretest command ...

References

CWE-125https://blogs.gentoo.org/ago/2017/03/20/libpcre-invalid-memory-read-in-_pcre32_xclass-pcre_xclass-c/http://www.securityfocus.com/bid/97067https://security.gentoo.org/glsa/201710-25https://access.redhat.com/errata/RHSA-2018:2486https://access.redhat.com/errata/RHSA-2018:2486https://nvd.nist.govhttps://security.archlinux.org/CVE-2017-7244
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgeryCVE-2024-34351CVE-2024-1076CVE-2024-25522CVE-2024-34547CVE-2024-4644unauthorizedremoteCVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook