6.8
CVE-2007-1660
- EPSS 4.08%
- Veröffentlicht 07.11.2007 23:46:00
- Zuletzt bearbeitet 16.06.2026 22:38:03
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.08% | 0.894 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://docs.info.apple.com/article.html?artnum=307562
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
http://www.vupen.com/english/advisories/2008/0924/references
http://secunia.com/advisories/29420
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html
http://secunia.com/advisories/27773
http://secunia.com/advisories/28658
http://www.novell.com/linux/security/advisories/2007_62_pcre.html
http://docs.info.apple.com/article.html?artnum=307179
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
http://secunia.com/advisories/28136
http://www.us-cert.gov/cas/techalerts/TA07-352A.html
http://www.vupen.com/english/advisories/2007/4238
http://secunia.com/advisories/27965
http://www.novell.com/linux/security/advisories/2007_25_sr.html
http://lists.vmware.com/pipermail/security-announce/2008/000014.html
http://secunia.com/advisories/29785
http://www.securityfocus.com/archive/1/490917/100/0/threaded
http://www.vupen.com/english/advisories/2008/1234/references
http://bugs.gentoo.org/show_bug.cgi?id=198976
http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html
http://secunia.com/advisories/27538
http://secunia.com/advisories/27543
http://secunia.com/advisories/27547
http://secunia.com/advisories/27554
http://secunia.com/advisories/27598
http://secunia.com/advisories/27697
http://secunia.com/advisories/27741
http://secunia.com/advisories/28406
http://secunia.com/advisories/28414
http://secunia.com/advisories/28714
http://secunia.com/advisories/28720
http://secunia.com/advisories/30106
http://secunia.com/advisories/30155
http://secunia.com/advisories/30219
http://security.gentoo.org/glsa/glsa-200711-30.xml
http://security.gentoo.org/glsa/glsa-200801-02.xml
http://security.gentoo.org/glsa/glsa-200801-18.xml
http://security.gentoo.org/glsa/glsa-200801-19.xml
http://security.gentoo.org/glsa/glsa-200805-11.xml
http://securitytracker.com/id?1018895
http://www.debian.org/security/2007/dsa-1399
http://www.debian.org/security/2008/dsa-1570
http://www.mandriva.com/security/advisories?name=MDKSA-2007:211
http://www.mandriva.com/security/advisories?name=MDKSA-2007:212
http://www.redhat.com/support/errata/RHSA-2007-0967.html
http://www.securityfocus.com/archive/1/483357/100/0/threaded
http://www.securityfocus.com/archive/1/483579/100/0/threaded
http://www.securityfocus.com/bid/26346
http://www.vupen.com/english/advisories/2007/3725
http://www.vupen.com/english/advisories/2007/3790
https://issues.rpath.com/browse/RPL-1738
https://usn.ubuntu.com/547-1/
http://secunia.com/advisories/27776
http://secunia.com/advisories/27862
http://secunia.com/advisories/31124
http://support.avaya.com/elmodocs2/security/ASA-2007-488.htm
http://www.mandriva.com/security/advisories?name=MDKSA-2007:213
http://www.redhat.com/support/errata/RHSA-2007-0968.html
http://www.redhat.com/support/errata/RHSA-2007-1063.html
http://www.redhat.com/support/errata/RHSA-2007-1065.html
http://www.redhat.com/support/errata/RHSA-2008-0546.html
https://bugzilla.redhat.com/show_bug.cgi?id=315881
https://exchange.xforce.ibmcloud.com/vulnerabilities/38273
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10562