6.8
CVE-2007-1659
- EPSS 3.53%
- Veröffentlicht 07.11.2007 23:46:00
- Zuletzt bearbeitet 16.06.2026 22:38:02
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.53% | 0.877 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://docs.info.apple.com/article.html?artnum=307562
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
http://www.vupen.com/english/advisories/2008/0924/references
http://secunia.com/advisories/29420
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html
http://secunia.com/advisories/27773
http://secunia.com/advisories/28658
http://www.mandriva.com/security/advisories?name=MDVSA-2008:030
http://www.novell.com/linux/security/advisories/2007_62_pcre.html
http://www.pcre.org/changelog.txt
http://docs.info.apple.com/article.html?artnum=307179
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
http://secunia.com/advisories/28136
http://www.us-cert.gov/cas/techalerts/TA07-352A.html
http://www.vupen.com/english/advisories/2007/4238
http://secunia.com/advisories/27965
http://www.novell.com/linux/security/advisories/2007_25_sr.html
http://bugs.gentoo.org/show_bug.cgi?id=198976
http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html
http://secunia.com/advisories/27538
http://secunia.com/advisories/27543
http://secunia.com/advisories/27547
http://secunia.com/advisories/27554
http://secunia.com/advisories/27598
http://secunia.com/advisories/27697
http://secunia.com/advisories/27741
http://secunia.com/advisories/28041
http://secunia.com/advisories/28406
http://secunia.com/advisories/28414
http://secunia.com/advisories/28714
http://secunia.com/advisories/28720
http://secunia.com/advisories/29267
http://secunia.com/advisories/30106
http://secunia.com/advisories/30155
http://secunia.com/advisories/30219
http://security.gentoo.org/glsa/glsa-200711-30.xml
http://security.gentoo.org/glsa/glsa-200801-02.xml
http://security.gentoo.org/glsa/glsa-200801-18.xml
http://security.gentoo.org/glsa/glsa-200801-19.xml
http://security.gentoo.org/glsa/glsa-200805-11.xml
http://securitytracker.com/id?1018895
http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm
http://www.debian.org/security/2007/dsa-1399
http://www.debian.org/security/2008/dsa-1570
http://www.mandriva.com/security/advisories?name=MDKSA-2007:211
http://www.mandriva.com/security/advisories?name=MDKSA-2007:212
http://www.redhat.com/support/errata/RHSA-2007-0967.html
http://www.redhat.com/support/errata/RHSA-2007-1068.html
http://www.securityfocus.com/archive/1/483357/100/0/threaded
http://www.securityfocus.com/archive/1/483579/100/0/threaded
http://www.securityfocus.com/bid/26346
http://www.vupen.com/english/advisories/2007/3725
http://www.vupen.com/english/advisories/2007/3790
https://exchange.xforce.ibmcloud.com/vulnerabilities/38272
https://issues.rpath.com/browse/RPL-1738
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9725
https://usn.ubuntu.com/547-1/
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html