7.5

CVE-2005-2491

Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PcrePcre Version5.0
PcrePcre Version6.0
PcrePcre Version6.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.34% 0.9
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
http://marc.info/?l=bugtraq&m=130497311408250&w=2
http://secunia.com/advisories/19072
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
http://www.vupen.com/english/advisories/2006/0789
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E
ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U
http://secunia.com/advisories/19532
http://secunia.com/advisories/17252
http://secunia.com/advisories/22875
http://support.avaya.com/elmodocs2/security/ASA-2005-216.pdf
http://support.avaya.com/elmodocs2/security/ASA-2005-223.pdf
http://www.vupen.com/english/advisories/2006/4502
http://docs.info.apple.com/article.html?artnum=302847
http://secunia.com/advisories/17813
http://www.securityfocus.com/bid/15647
http://www.vupen.com/english/advisories/2005/2659
http://marc.info/?l=bugtraq&m=112605112027335&w=2
http://www.novell.com/linux/security/advisories/2005_49_php.html
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
http://securityreason.com/securityalert/604
http://www.securityfocus.com/archive/1/428138/100/0/threaded
http://www.gentoo.org/security/en/glsa/glsa-200509-19.xml
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.10/SCOSA-2006.10.txt
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522
http://marc.info/?l=bugtraq&m=112606064317223&w=2
http://secunia.com/advisories/16502
http://secunia.com/advisories/16679
http://secunia.com/advisories/19193
http://secunia.com/advisories/21522
http://secunia.com/advisories/22691
http://securitytracker.com/id?1014744
Patch
http://support.avaya.com/elmodocs2/security/ASA-2006-159.htm
http://www.debian.org/security/2005/dsa-800
http://www.debian.org/security/2005/dsa-817
http://www.debian.org/security/2005/dsa-819
http://www.debian.org/security/2005/dsa-821
http://www.ethereal.com/appnotes/enpa-sa-00021.html
URL Repurposed
http://www.gentoo.org/security/en/glsa/glsa-200508-17.xml
http://www.gentoo.org/security/en/glsa/glsa-200509-02.xml
http://www.gentoo.org/security/en/glsa/glsa-200509-08.xml
http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml
http://www.novell.com/linux/security/advisories/2005_48_pcre.html
http://www.novell.com/linux/security/advisories/2005_52_apache2.html
http://www.php.net/release_4_4_1.php
http://www.redhat.com/support/errata/RHSA-2005-358.html
http://www.redhat.com/support/errata/RHSA-2005-761.html
http://www.redhat.com/support/errata/RHSA-2006-0197.html
http://www.securityfocus.com/archive/1/427046/100/0/threaded
http://www.securityfocus.com/bid/14620
http://www.vupen.com/english/advisories/2005/1511
http://www.vupen.com/english/advisories/2006/4320
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11516
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1496
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1659
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A735