CVE-2008-2371 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2008-2371
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-2371

Description: Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-628-1 http://www.ubuntu.com/usn/usn-624-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html SAID Secunia Advisory: SA30916 Secunia Advisory: SA30944 Secunia Advisory: SA30958 Secunia Advisory: SA30961 Secunia Advisory: SA30945 Secunia Advisory: SA30972 Secunia Advisory: SA30967 Secunia Advisory: SA30990 Secunia Advisory: SA31200 Secunia Advisory: SA32222 Secunia Advisory: SA32454 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:147 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200807-03.xml FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1602 CONFIRM http://support.apple.com/kb/HT3216 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0305 http://ftp.gnome.org/pub/GNOME/sources/glib/2.16/glib-2.16.4.changes http://bugs.gentoo.org/show_bug.cgi?id=228091 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/497828/100/0/threaded BID 31681 30087 APPLE http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html

Return to the previous page.