CVE-2005-2491 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2005-2491
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-2491

Description: Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.

CVE Status: Candidate

References: TRUSTIX http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html SUSE http://www.novell.com/linux/security/advisories/2005_52_apache2.html http://www.novell.com/linux/security/advisories/2005_49_php.html http://marc.theaimsgroup.com/?l=bugtraq&m=112605112027335&w=2 http://www.novell.com/linux/security/advisories/2005_48_pcre.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1 ST 1014744 SREASON http://securityreason.com/securityalert/604 SGI SCO SAID Secunia Advisory: SA19532 Secunia Advisory: SA16679 Secunia Advisory: SA19072 Secunia Advisory: SA17813 Secunia Advisory: SA16502 Secunia Advisory: SA19193 Secunia Advisory: SA17252 Secunia Advisory: SA21522 Secunia Advisory: SA22691 Secunia Advisory: SA22875 REDHAT http://www.redhat.com/support/errata/RHSA-2005-761.html http://www.redhat.com/support/errata/RHSA-2005-358.html http://www.redhat.com/support/errata/RHSA-2006-0197.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1659 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1496 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:735 OPENPKG http://marc.theaimsgroup.com/?l=bugtraq&m=112606064317223&w=2 HP http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522 http://www.securityfocus.com/archive/1/archive/1/428138/100/0/threaded GENTOO http://www.gentoo.org/security/en/glsa/glsa-200509-19.xml http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml http://www.gentoo.org/security/en/glsa/glsa-200508-17.xml http://www.gentoo.org/security/en/glsa/glsa-200509-02.xml FEDORA http://www.securityfocus.com/archive/1/archive/1/427046/100/0/threaded DEBIAN http://www.debian.org/security/2005/dsa-817 http://www.debian.org/security/2005/dsa-819 http://www.debian.org/security/2005/dsa-821 http://www.debian.org/security/2005/dsa-800 CONFIRM http://www.php.net/release_4_4_1.php http://support.avaya.com/elmodocs2/security/ASA-2006-159.htm http://www.ethereal.com/appnotes/enpa-sa-00021.html http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm http://support.avaya.com/elmodocs2/security/ASA-2005-223.pdf http://support.avaya.com/elmodocs2/security/ASA-2005-216.pdf BID 14620 15647 APPLE http://docs.info.apple.com/article.html?artnum=302847

Return to the previous page.