7.5

CVE-2008-0674

EPSS 23.42%
Published 18.02.2008 23:00:00
Last modified 09.04.2025 00:30:58
Source secalert@redhat.com
Teams watchlist Login
Open Login

Buffer overflow in PCRE before 7.6 allows remote attackers to execute arbitrary code via a regular expression containing a character class with a large number of characters with Unicode code points greater than 255.

Affected products Warnungen 0 Metrics 2 CWE 1 References 57

Data is provided by the National Vulnerability Database (NVD)

Pcre ≫ Pcre Version <= 7.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	23.42%	0.954

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html

http://secunia.com/advisories/32222

http://support.apple.com/kb/HT3216

http://www.securityfocus.com/bid/31681

http://www.vupen.com/english/advisories/2008/2780

http://www.php.net/ChangeLog-5.php

http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html

http://secunia.com/advisories/31326

http://www.vupen.com/english/advisories/2008/2268

http://secunia.com/advisories/29267

https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html

http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html

http://secunia.com/advisories/29048

http://secunia.com/advisories/30048

http://www.openwall.com/lists/oss-security/2008/05/02/2

http://www.securityfocus.com/bid/29009

http://www.vupen.com/english/advisories/2008/1412

http://ftp.gnome.org/pub/gnome/sources/glib/2.14/glib-2.14.6.news

http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html

http://pcre.org/changelog.txt

http://secunia.com/advisories/28923

http://secunia.com/advisories/28957

http://secunia.com/advisories/28960

http://secunia.com/advisories/28985

http://secunia.com/advisories/28996

http://secunia.com/advisories/29027

http://secunia.com/advisories/29175

http://secunia.com/advisories/29282

http://secunia.com/advisories/30345

http://secunia.com/advisories/32746

http://secunia.com/advisories/36096

http://security.gentoo.org/glsa/glsa-200803-24.xml

http://security.gentoo.org/glsa/glsa-200811-05.xml

http://support.apple.com/kb/HT3757

http://wiki.rpath.com/Advisories:rPSA-2008-0086

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0086

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176

http://www.debian.org/security/2008/dsa-1499

http://www.mandriva.com/security/advisories?name=MDVSA-2008:053

http://www.securityfocus.com/archive/1/488927/100/0/threaded

http://www.securityfocus.com/archive/1/492535/100/0/threaded

http://www.securityfocus.com/bid/27786

http://www.securitytracker.com/id?1022674

http://www.us-cert.gov/cas/techalerts/TA09-218A.html

US Government Resource

http://www.vupen.com/english/advisories/2008/0570

http://www.vupen.com/english/advisories/2008/0592

http://www.vupen.com/english/advisories/2009/2172

https://bugzilla.redhat.com/show_bug.cgi?id=431660

https://exchange.xforce.ibmcloud.com/vulnerabilities/40505

https://issues.rpath.com/browse/RPL-2223

https://issues.rpath.com/browse/RPL-2503

https://usn.ubuntu.com/581-1/

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00371.html

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00632.html

https://nvd.nist.gov/vuln/detail/CVE-2008-0674

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-0674

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-0674

EUVD