CVE-2006-7230 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-7230
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-7230

Description: Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate the amount of memory needed for a compiled regular expression pattern when the (1) -x or (2) -i UTF-8 options change within the pattern, which allows context-dependent attackers to cause a denial of service (PCRE or glibc crash) via crafted regular expressions.

CVE Status: Candidate

References: SUSE http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html http://www.novell.com/linux/security/advisories/2007_62_pcre.html SAID Secunia Advisory: SA28406 Secunia Advisory: SA28041 Secunia Advisory: SA27773 Secunia Advisory: SA27741 Secunia Advisory: SA28414 Secunia Advisory: SA28658 Secunia Advisory: SA28714 Secunia Advisory: SA28720 Secunia Advisory: SA30155 Secunia Advisory: SA30219 Secunia Advisory: SA30106 REDHAT http://www.redhat.com/support/errata/RHSA-2007-1068.html http://www.redhat.com/support/errata/RHSA-2007-1059.html MISC http://bugs.gentoo.org/show_bug.cgi?id=198976 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:030 GENTOO http://security.gentoo.org/glsa/glsa-200801-19.xml http://security.gentoo.org/glsa/glsa-200805-11.xml http://security.gentoo.org/glsa/glsa-200801-18.xml http://security.gentoo.org/glsa/glsa-200801-02.xml http://security.gentoo.org/glsa/glsa-200711-30.xml DEBIAN http://www.debian.org/security/2008/dsa-1570 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm http://www.pcre.org/changelog.txt BID 26550

Return to the previous page.