7.5

CVE-2008-0674

Buffer overflow in PCRE before 7.6 allows remote attackers to execute arbitrary code via a regular expression containing a character class with a large number of characters with Unicode code points greater than 255.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PcrePcre Version <= 7.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.91% 0.923
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
http://secunia.com/advisories/32222
http://support.apple.com/kb/HT3216
http://www.securityfocus.com/bid/31681
http://www.vupen.com/english/advisories/2008/2780
http://www.php.net/ChangeLog-5.php
http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
http://secunia.com/advisories/31326
http://www.vupen.com/english/advisories/2008/2268
http://secunia.com/advisories/29267
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html
http://secunia.com/advisories/29048
http://secunia.com/advisories/30048
http://www.openwall.com/lists/oss-security/2008/05/02/2
http://www.securityfocus.com/bid/29009
http://www.vupen.com/english/advisories/2008/1412
http://ftp.gnome.org/pub/gnome/sources/glib/2.14/glib-2.14.6.news
http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html
http://pcre.org/changelog.txt
http://secunia.com/advisories/28923
http://secunia.com/advisories/28957
http://secunia.com/advisories/28960
http://secunia.com/advisories/28985
http://secunia.com/advisories/28996
http://secunia.com/advisories/29027
http://secunia.com/advisories/29175
http://secunia.com/advisories/29282
http://secunia.com/advisories/30345
http://secunia.com/advisories/32746
http://secunia.com/advisories/36096
http://security.gentoo.org/glsa/glsa-200803-24.xml
http://security.gentoo.org/glsa/glsa-200811-05.xml
http://support.apple.com/kb/HT3757
http://wiki.rpath.com/Advisories:rPSA-2008-0086
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0086
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176
http://www.debian.org/security/2008/dsa-1499
http://www.mandriva.com/security/advisories?name=MDVSA-2008:053
http://www.securityfocus.com/archive/1/488927/100/0/threaded
http://www.securityfocus.com/archive/1/492535/100/0/threaded
http://www.securityfocus.com/bid/27786
http://www.securitytracker.com/id?1022674
http://www.us-cert.gov/cas/techalerts/TA09-218A.html
US Government Resource
http://www.vupen.com/english/advisories/2008/0570
http://www.vupen.com/english/advisories/2008/0592
http://www.vupen.com/english/advisories/2009/2172
https://bugzilla.redhat.com/show_bug.cgi?id=431660
https://exchange.xforce.ibmcloud.com/vulnerabilities/40505
https://issues.rpath.com/browse/RPL-2223
https://issues.rpath.com/browse/RPL-2503
https://usn.ubuntu.com/581-1/
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00371.html
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00632.html