|
|
CVE Reference: CVE-2008-1026 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-1026 |
|
|
Description: Integer overflow in the PCRE regular expression compiler (JavaScriptCore/pcre/pcre_compile.cpp) in Apple WebKit, as used in Safari before 3.1.1, allows remote attackers to execute arbitrary code via a regular expression with large, nested repetition counts, which triggers a heap-based buffer overflow. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/41859 ST 1019870 SREASON http://securityreason.com/securityalert/3815 SAID Secunia Advisory: SA31074 Secunia Advisory: SA29846 MISC http://www.zerodayinitiative.com/advisories/ZDI-08-022 CONFIRM http://support.apple.com/kb/HT1467 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/490990/100/0/threaded BID 28815 APPLE http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html http://lists.apple.com/archives/security-announce/2008/Apr/msg00001.html |
|
| Return to the previous page. |
