CVE-2008-2371

 

Published at: - 08-07-2008 01:41

Last modified: - 01-08-2022 05:54

Total changes: - 2

Description

Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches.

Common Vulnerability Scoring System (CVSS)

AV:N/AC:L/Au:N/C:P/I:P/A:P

 

Verification logic

 

Reference

• http://bugs.gentoo.org/show_bug.cgi?id=228091
• DSA-1602-Third Party Advisory
• SUSE-SR:2008:014-Mailing List, Third Party Advisory
• 30916-Not Applicable
• 30944-Not Applicable
• 30958-Not Applicable
• 30961-Not Applicable
• USN-624-1-Third Party Advisory
• 30967-Not Applicable
• MDVSA-2008:147-Broken Link, Third Party Advisory
• FEDORA-2008-6048-Third Party Advisory
• GLSA-200807-03-Third Party Advisory
• http://ftp.gnome.org/pub/GNOME/sources/glib/2.16/glib-2.16.4.changes
• 31200-Not Applicable
• USN-628-1-Third Party Advisory
• 30972-Not Applicable
• 30087-Third Party Advisory, VDB Entry
• 30990-Not Applicable
• FEDORA-2008-6025-Third Party Advisory
• 30945-Not Applicable
• APPLE-SA-2008-10-09-Mailing List
• 31681-Third Party Advisory, VDB Entry
• 32222-Not Applicable
• http://support.apple.com/kb/HT3216
• 32454-Not Applicable
• http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0305
• MDVSA-2009:023-Broken Link, Third Party Advisory
• ADV-2008-2336-Permissions Required, Third Party Advisory
• http://support.apple.com/kb/HT3549
• ADV-2009-1297-Permissions Required, Third Party Advisory
• TA09-133A-Third Party Advisory, US Government Resource
• APPLE-SA-2009-05-12-Mailing List
• 35074-Not Applicable
• 35650-Not Applicable
• SSRT090085-Issue Tracking, Third Party Advisory
• HPSBUX02465-Issue Tracking, Third Party Advisory
• USN-624-2-Third Party Advisory
• ADV-2010-0833-Permissions Required, Third Party Advisory
• 39300-Not Applicable
• ADV-2008-2005-Permissions Required, Third Party Advisory
• ADV-2008-2006-Permissions Required, Third Party Advisory
• ADV-2008-2780-Permissions Required, Third Party Advisory
• 32746-Not Applicable
• GLSA-200811-05-Third Party Advisory
• 20081027 rPSA-2008-0305-1 pcre-Third Party Advisory, VDB Entry

 

Keywords

NVD

 

CVE-2008-2371

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures